STIGQter: STIG Summary: Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

Exchange must have anti-spam filtering installed.

DISA Rule

SV-228393r612748_rule

Vulnerability Number

V-228393

Group Title

SRG-APP-000261

Rule Version

EX16-MB-000490

Severity

CAT II

CCI(s)

• CCI-001308 - The information system automatically updates spam protection mechanisms.

Weight

10

Fix Recommendation

Update the EDSP with the anti-spam mechanism used.

Install the AntiSpam module.

Open the Exchange Management Shell and enter the following command:

& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1

Check Contents

Review the Email Domain Security Plan (EDSP).

Note: If using another DoD-approved antispam product for email or a DoD-approved email gateway spamming device, such as Enterprise Email Security Gateway (EEMSG), this is not applicable (NA).

Open the Exchange Management Shell and enter the following command:

Get-ContentFilterConfig | Format-Table Name,Enabled

If no value is returned, this is a finding.

Vulnerability Number

V-228393

Documentable

False

Rule Version

EX16-MB-000490

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Note: If using another DoD-approved antispam product for email or a DoD-approved email gateway spamming device, such as Enterprise Email Security Gateway (EEMSG), this is not applicable (NA).

Open the Exchange Management Shell and enter the following command:

Get-ContentFilterConfig | Format-Table Name,Enabled

If no value is returned, this is a finding.

Check Content Reference

M

Target Key

4223

Comments