The Exchange Outbound Connection Limit per Domain Count must be controlled.
An XCCDF Rule
Description
<VulnDiscussion>Email system availability depends in part on best practice strategies for setting tuning configurations. This configuration controls the maximum number of simultaneous outbound connections from a domain as a delivery tuning mechanism. If the limit is too low, connections may be dropped. If the limit is too high, some domains may use a disproportionate resource share, denying access to other domains. Appropriate tuning reduces risk of data delay or loss. By default, a limit of 20 simultaneous outbound connections from a domain should be sufficient. The value may be adjusted if justified by local site conditions.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-259684r961155_rule
- Severity
- Low
- References
- Updated
Remediation - Manual Procedure
Update the EDSP to specify the "MaxPerDomainOutboundConnection" value or verify that this information is documented by the organization.
Open the Exchange Management Shell and enter the following command:
Set-TransportService -Identity <'IdentityName'> -MaxPerDomainOutboundConnections 20