MS Exchange 2010 Edge Transport Server STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Internal Receive Connectors must require encryption.
The Simple Mail Transfer Protocol (SMTP) Receive Connector is used by Exchange to send and receive messages from server to server using SMTP protocol. This setting controls the encryption strength...Rule Medium Severity -
Auto-forwarding email to remote domains must be disabled or restricted.
Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Ensure Aut...Rule Medium Severity -
Tarpitting interval must be set.
Tarpitting is the practice of artificially delaying server responses for specific SMTP communication patterns that indicate high volumes of SPAM or other unwelcome messages. The intent of tarpittin...Rule Medium Severity -
Send Connectors delivery retries must be controlled.
This setting controls the rate at which delivery attempts from the home domain are retried, user notifications are issued, and notes the expiration time when the message will be discarded. If de...Rule Low Severity -
Internal Send Connectors must use Domain Security (Mutual Authentication TLS).
The Simple Mail Transfer Protocol (SMTP) connector is used by Exchange to send and receive messages from server to server. There are several controls that work together to provide security between ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules