STIGQter: STIG Summary: MS Exchange 2010 Edge Transport Server STIG, Version: 1, Release: 15, Benchmark Date: 26 Apr 2019

Message size restrictions must be controlled on Receive connectors.

DISA Rule

SV-43981r3_rule

Vulnerability Number

V-33561

Group Title

Exch-2-705

Rule Version

Exch-2-705

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Open the Exchange Management Shell and enter the following command:

Set-ReceiveConnector -Identity <'ReceiveConnector'> -MaxMessageSize <MaxReceiveSize>

If a value other than the global MaxReceiveSize value is desired, obtain signoff with risk acceptance and document it in the EDSP.

Check Contents

Obtain the Email Domain Security Plan (EDSP) and locate the global maximum message receive size, and determine whether signoff with risk acceptance is documented for the receive connector to have a different value.

Open the Exchange Management Shell and enter the following command:

Get-ReceiveConnector | Select Name, Identity, MaxMessageSize

or

Get-TransportConfig | Select Identity, MaxReceiveSize

Identify Internet-facing connectors on the Edge Transport server.

If 'MaxMessageSize' is set to a numeric value different from the global value, and has signoff and risk acceptance in the EDSP, this is not a finding.

If the value of 'MaxMessageSize' is not the same as the global value, this is a finding.
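The comparison in the check above can be scripted. This is an added example, not part of the STIG text: the function name, the $EdspExceptions list (connector names with signoff documented in the EDSP) and the sample connectors are hypothetical, and sizes are compared by their displayed string form on the assumption that both values render in the same format.

```powershell
# Added example, written to run on PowerShell 2.0 syntax.
function Test-ReceiveConnectorSize {
    param(
        [Parameter(Mandatory=$true)] [object[]] $Connectors,  # Get-ReceiveConnector output
        [Parameter(Mandatory=$true)] [string]   $GlobalSize,  # global MaxReceiveSize
        [string[]] $EdspExceptions = @()  # hypothetical: names with EDSP signoff
    )
    foreach ($c in $Connectors) {
        # Assumption: both sizes render in the same display format, so a
        # string comparison is enough to tell "same" from "different".
        $size = "$($c.MaxMessageSize)"
        if ($size -eq $GlobalSize) {
            $result = 'Not a finding'; $why = 'matches global value'
        } elseif ($EdspExceptions -contains $c.Name) {
            $result = 'Not a finding'; $why = 'differs, signoff documented in EDSP'
        } else {
            $result = 'Finding'; $why = 'differs, no documented signoff'
        }
        New-Object PSObject -Property @{
            Name = $c.Name; MaxMessageSize = $size; Global = $GlobalSize
            Result = $result; Reason = $why
        } | Select-Object Name, MaxMessageSize, Global, Result, Reason
    }
}

# Constructed sample data (not taken from a real server).
$sample = @(
    New-Object PSObject -Property @{ Name = 'Internet Inbound'; MaxMessageSize = '10 MB (10,485,760 bytes)' }
    New-Object PSObject -Property @{ Name = 'Partner Relay';    MaxMessageSize = '25 MB (26,214,400 bytes)' }
    New-Object PSObject -Property @{ Name = 'Legacy Inbound';   MaxMessageSize = '50 MB (52,428,800 bytes)' }
)

Test-ReceiveConnectorSize -Connectors $sample `
    -GlobalSize '10 MB (10,485,760 bytes)' `
    -EdspExceptions 'Partner Relay' | Format-Table -AutoSize

# In the Exchange Management Shell, pass live values instead:
# Test-ReceiveConnectorSize -Connectors (Get-ReceiveConnector) `
#     -GlobalSize "$((Get-TransportConfig).MaxReceiveSize)" `
#     -EdspExceptions 'Partner Relay'
```

The script does not decide which connectors are Internet-facing; the reviewer still narrows the output to those connectors as the check requires.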

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

1995
