STIGQter: STIG Summary: Microsoft Exchange 2013 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

Exchange Mail Quota settings must not restrict receiving mail.

DISA Rule

SV-207298r615936_rule

Vulnerability Number

V-207298

Group Title

SRG-APP-000246

Rule Version

EX13-MB-000160

Severity

CAT III

CCI(s)

• CCI-001094 - The information system restricts the ability of individuals to launch organization-defined denial of service attacks against other information systems.

Weight

10

Fix Recommendation

Update the EDSP.

Open the Exchange Management Shell and enter the following command:

Set-MailboxDatabase -Identity <'IdentityName'> -ProhibitSendQuota <'QuotaLimit'>

Note: The <IdentityName> and <QuotaLimit> values must be in quotes.

Check Contents

Review the Email Domain Security Plan (EDSP).

Determine the value for Prohibit Send Quota Limit.

Open the Exchange Management Shell and enter the following command:

Get-MailboxDatabase | Select Name, Identity, ProhibitSendQuota

If the value of ProhibitSendQuota is not set to the site's Prohibit Send Quota Limit, this is a finding.

Vulnerability Number

V-207298

Documentable

False

Rule Version

EX13-MB-000160

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Determine the value for Prohibit Send Quota Limit.

Open the Exchange Management Shell and enter the following command:

Get-MailboxDatabase | Select Name, Identity, ProhibitSendQuota

If the value of ProhibitSendQuota is not set to the site's Prohibit Send Quota Limit, this is a finding.

Check Content Reference

M

Target Key

2923

Comments