Skip to content

MS Exchange 2013 Edge Transport Server Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The Exchange Recipient filter must be enabled.

    <VulnDiscussion>Email system availability depends in part on best practice strategies for setting tuning configurations. Careful tuning reduc...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • The Exchange tarpitting interval must be set.

    &lt;VulnDiscussion&gt;Tarpitting is the practice of artificially delaying server responses for specific Simple Mail Transfer Protocol (SMTP) commun...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange internal Receive connectors must not allow anonymous connections.

    &lt;VulnDiscussion&gt;This control is used to limit the servers that may use this server as a relay. If a Simple Mail Transport Protocol (SMTP) sen...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List entries must be empty.

    &lt;VulnDiscussion&gt;Email system availability depends in part on best practice strategies for setting tuning configurations. Careful tuning reduc...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • The Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List Connection filter must be enabled.

    &lt;VulnDiscussion&gt;Email system availability depends in part on best practice strategies for setting tuning configurations. Careful tuning reduc...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • The Exchange Simple Mail Transfer Protocol (SMTP) Sender filter must be enabled.

    &lt;VulnDiscussion&gt;Email system availability depends in part on best practices strategies for setting tuning configurations. Careful tuning redu...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange must have antispam filtering installed.

    &lt;VulnDiscussion&gt;Originators of spam messages are constantly changing their techniques in order to defeat spam countermeasures; therefore, spa...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange must have antispam filtering enabled.

    &lt;VulnDiscussion&gt;Originators of spam messages are constantly changing their techniques in order to defeat spam countermeasures; therefore, spa...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange must have antispam filtering configured.

    &lt;VulnDiscussion&gt;Originators of spam messages are constantly changing their techniques in order to defeat spam countermeasures; therefore, spa...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange Sender Identification Framework must be enabled.

    &lt;VulnDiscussion&gt;Email is only as secure as the recipient. When the recipient is an email server accepting inbound messages, authenticating th...
    Rule Medium Severity
  • SRG-APP-000378

    <GroupDescription></GroupDescription>
    Group

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules