STIGQter STIGQter: STIG Summary: Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

Exchange Send connector connections count must be limited.

DISA Rule

SV-221222r612603_rule

Vulnerability Number

V-221222

Group Title

SRG-APP-000247

Rule Version

EX16-ED-000230

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Update the EDSP to reflect the value for SMTP Server Maximum Outbound Connections.

Open the Exchange Management Shell and enter the following command:

Set-TransportService -Identity <'IdentityName'> -MaxOutboundConnections 1000

Note: The <IdentityName> value must be in single quotes.

or

The value as identified by the EDSP that has obtained a signoff with risk acceptance.

Check Contents

Review the Email Domain Security Plan (EDSP).

Determine the value for SMTP Server Maximum Outbound Connections.

Open the Exchange Management Shell and enter the following command:

Get-TransportService | Select Name, Identity, MaxOutboundConnections

If the value of "MaxOutboundConnections" is not set to "1000", this is a finding.

or

If the value of "MaxOutboundConnections" is set to a value other than "1000" and has signoff and risk acceptance in the EDSP, this is not a finding.

Vulnerability Number

V-221222

Documentable

False

Rule Version

EX16-ED-000230

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Determine the value for SMTP Server Maximum Outbound Connections.

Open the Exchange Management Shell and enter the following command:

Get-TransportService | Select Name, Identity, MaxOutboundConnections

If the value of "MaxOutboundConnections" is not set to "1000", this is a finding.

or

If the value of "MaxOutboundConnections" is set to a value other than "1000" and has signoff and risk acceptance in the EDSP, this is not a finding.

Check Content Reference

M

Target Key

4079

Comments