Outbound Connection Limit per Domain Count must be controlled.
An XCCDF Rule
Description
<VulnDiscussion>Email system availability depends in part on best practices strategies for setting tuning configurations. This configuration controls the maximum number of simultaneous outbound connections from a domain, and works in conjunction with the Maximum Outbound Connections Count setting as a delivery tuning mechanism. If the limit is too low, connections may be dropped. If too high, some domains may use a disproportionate resource share, denying access to other domains. Appropriate tuning reduces risk of data delay or loss. By default, a limit of 20 simultaneous outbound connections from a domain should be sufficient. The value may be adjusted if justified by local site conditions.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-44055r2_rule
- Severity
- Low
- Updated
Remediation - Manual Procedure
Open the Exchange Management Shell and enter the following command:
Set-TransportServer -Identity <'ServerUnderReview'> -MaxPerDomainOutboundConnections 20
If an alternate value is desired, obtain signoff with risk acceptance and document in the EDSP.