STIGQter STIGQter: STIG Summary: MS Exchange 2013 Edge Transport Server Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Apr 2019:

Exchange message size restrictions must be controlled on Send connectors.

DISA Rule

SV-84451r1_rule

Vulnerability Number

V-69829

Group Title

SRG-APP-000247

Rule Version

EX13-EG-000120

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Update the EDSP.

Open the Exchange Management Shell and enter the following command:

Set-SendConnector -Identity <'IdentityName'> -MaxMessageSize <MaxSendSize>

Note: The <IdentityName> value must be in quotes.

or

The value as identified by the EDSP that has obtained a signoff with risk acceptance.

Repeat the procedure for each Send connector.

Check Contents

Review the Email Domain Security Plan (EDSP).

Determine the maximum message send size.

Open the Exchange Management Shell and enter the following command:

Get-SendConnector | Select Name, Identity, MaxMessageSize

For each Send connector, if the value of MaxMessageSize is not the same as the global value, this is a finding.

or

If MaxMessageSize is set to a numeric value different from the maximum message send size value documented in the EDSP, this is a finding.

Vulnerability Number

V-69829

Documentable

False

Rule Version

EX13-EG-000120

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Determine the maximum message send size.

Open the Exchange Management Shell and enter the following command:

Get-SendConnector | Select Name, Identity, MaxMessageSize

For each Send connector, if the value of MaxMessageSize is not the same as the global value, this is a finding.

or

If MaxMessageSize is set to a numeric value different from the maximum message send size value documented in the EDSP, this is a finding.

Check Content Reference

M

Target Key

3099

Comments