STIGQter: STIG Summary: MS Exchange 2013 Edge Transport Server Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Apr 2019:

The Exchange Sender filter must block unaccepted domains.

DISA Rule

SV-84489r1_rule

Vulnerability Number

V-69867

Group Title

SRG-APP-000261

Rule Version

EX13-EG-000180

Severity

CAT II

CCI(s)

• CCI-001308 - The information system automatically updates spam protection mechanisms.

Weight

10

Fix Recommendation

Update the EDSP.

Open the Exchange Management Shell and enter the following command:

For BlockedDomains:

Set-SenderFilterConfig -BlockedDomains <BlockedDomain>

Repeat the procedure for each domain that is to be blocked.

or

For BlockedDomainsAndSubdomains:

Set-SenderFilterConfig -BlockedDomainsAndSubdomains <BlockedDomainAndSubdomain>

Repeat the procedure for each domain and all of its subdomains that are to be blocked.

Check Contents

Review the Email Domain Security Plan (EDSP).

Determine the unaccepted domains that are to be blocked.

Open the Exchange Management Shell and enter the following command:

Get-SenderFilterConfig | Select Name, BlockedDomains, BlockedDomainsAndSubdomains

If the value for BlockedDomains or BlockedDomainsAndSubdomains does not reflect the list of accepted domains, this is a finding.

Vulnerability Number

V-69867

Documentable

False

Rule Version

EX13-EG-000180

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Determine the unaccepted domains that are to be blocked.

Open the Exchange Management Shell and enter the following command:

Get-SenderFilterConfig | Select Name, BlockedDomains, BlockedDomainsAndSubdomains

If the value for BlockedDomains or BlockedDomainsAndSubdomains does not reflect the list of accepted domains, this is a finding.

Check Content Reference

M

Target Key

3099

Comments