STIGQter STIGQter: STIG Summary: Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

Exchange message size restrictions must be controlled on Send connectors.

DISA Rule

SV-221223r612603_rule

Vulnerability Number

V-221223

Group Title

SRG-APP-000247

Rule Version

EX16-ED-000240

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Update the EDSP to reflect the maximum message send size.

Open the Exchange Management Shell and enter the following command:

Set-SendConnector -Identity <'IdentityName'> -MaxMessageSize <MaxSendSize>

Note: The <IdentityName> value must be in single quotes.

or

The value as identified by the EDSP that has obtained a signoff with risk acceptance.

Repeat the procedure for each send connector.

Check Contents

Review the Email Domain Security Plan (EDSP).

Determine the maximum message send size.

Open the Exchange Management Shell and enter the following command:

Get-SendConnector | Select Name, Identity, MaxMessageSize

For each send connector, if the value of "MaxMessageSize" is not the same as the global value, this is a finding.

or

If "MaxMessageSize" is set to a numeric value different from the maximum message send size value documented in the EDSP, this is a finding.

Vulnerability Number

V-221223

Documentable

False

Rule Version

EX16-ED-000240

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Determine the maximum message send size.

Open the Exchange Management Shell and enter the following command:

Get-SendConnector | Select Name, Identity, MaxMessageSize

For each send connector, if the value of "MaxMessageSize" is not the same as the global value, this is a finding.

or

If "MaxMessageSize" is set to a numeric value different from the maximum message send size value documented in the EDSP, this is a finding.

Check Content Reference

M

Target Key

4079

Comments