STIGQter: STIG Summary: MS Exchange 2013 Edge Transport Server Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Apr 2019:

Exchange must have antispam filtering installed.

DISA Rule

SV-84523r1_rule

Vulnerability Number

V-69901

Group Title

SRG-APP-000261

Rule Version

EX13-EG-000265

Severity

CAT II

CCI(s)

• CCI-001308 - The information system automatically updates spam protection mechanisms.

Weight

10

Fix Recommendation

Update the EDSP.

Install the AntiSpam module.

Open the Exchange Management Shell and enter the following command:

& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1

Check Contents

Review the Email Domain Security Plan (EDSP).

Note: If using another DoD-approved antispam product for email or a DoD-approved Email Gateway spamming device, such as Enterprise Email Security Gateway (EEMSG), this is not applicable.

Open the Exchange Management Shell and enter the following command:

Get-ContentFilterConfig | Format-Table Name, Enabled

If no value is returned, this is a finding.

Vulnerability Number

V-69901

Documentable

False

Rule Version

EX13-EG-000265

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Note: If using another DoD-approved antispam product for email or a DoD-approved Email Gateway spamming device, such as Enterprise Email Security Gateway (EEMSG), this is not applicable.

Open the Exchange Management Shell and enter the following command:

Get-ContentFilterConfig | Format-Table Name, Enabled

If no value is returned, this is a finding.

Check Content Reference

M

Target Key

3099

Comments