STIGQter: STIG Summary: Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

Exchange must have antispam filtering installed.

DISA Rule

SV-221249r612603_rule

Vulnerability Number

V-221249

Group Title

SRG-APP-000261

Rule Version

EX16-ED-000530

Severity

CAT II

CCI(s)

• CCI-001308 - The information system automatically updates spam protection mechanisms.

Weight

10

Fix Recommendation

Install the AntiSpam module.

Open the Exchange Management Shell and enter the following command:

& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1

Check Contents

Review the Email Domain Security Plan (EDSP) for an installed antispam product.

Note: If using another DoD-approved antispam product for email or a DoD-approved Email Gateway spamming device, such as Enterprise Email Security Gateway (EEMSG), this is not applicable.

Open the Exchange Management Shell and enter the following command:

Get-ContentFilterConfig | Format-Table Name, Enabled

If no value is returned, this is a finding.

Vulnerability Number

V-221249

Documentable

False

Rule Version

EX16-ED-000530

Severity Override Guidance

Review the Email Domain Security Plan (EDSP) for an installed antispam product.

Note: If using another DoD-approved antispam product for email or a DoD-approved Email Gateway spamming device, such as Enterprise Email Security Gateway (EEMSG), this is not applicable.

Open the Exchange Management Shell and enter the following command:

Get-ContentFilterConfig | Format-Table Name, Enabled

If no value is returned, this is a finding.

Check Content Reference

M

Target Key

4079

Comments