II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
-
Exch-2-760
Group -
Send Connector connections count must be limited.
This setting controls the maximum number of simultaneous outbound connections allowed for a given SMTP Connector, and can be used to throttle the SMTP service if resource constraints warrant it. I...Rule Low Severity -
Exch-2-763
Group -
Internal Send Connectors must use Domain Security (Mutual Authentication TLS).
The Simple Mail Transfer Protocol (SMTP) connector is used by Exchange to send and receive messages from server to server. There are several controls that work together to provide security between ...Rule Medium Severity -
Exch-2-766
Group -
Internal Send Connectors must require encryption.
The Simple Mail Transfer Protocol (SMTP) connector is used by Exchange to send and receive messages from server to server. There are several controls that work together to provide security between ...Rule Medium Severity -
Exch-2-771
Group -
Internet facing send Connectors must specify a Smart Host.
In the case of identifying a 'Smart Host' for the email environment, a logical send connector is the preferred method. A 'Smart Host' acts as an Internet Facing Concentrator for other email serve...Rule Medium Severity -
Exch-2-801
Group -
Connectivity logging must be enabled.
A connectivity log is a record of the SMTP connection activity of the outbound message delivery queues to the destination Mailbox server, smart host, or domain. Connectivity logging is available on...Rule Medium Severity -
Exch-2-805
Group -
Exchange must not send delivery reports to remote domains.
Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Ensure tha...Rule Medium Severity -
Exch-2-808
Group -
Exchange must not send non-delivery reports to remote domains.
Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Ensure tha...Rule Medium Severity -
Exch-2-811
Group -
External/Internet bound automated response messages must be disabled.
SPAM originators, in an effort to refine mailing lists, sometimes use a technique where they monitor transmissions for automated bounce back messages, such as 'Out of Office' messages. Automated m...Rule Medium Severity -
Exch-2-814
Group -
Exchange must not send auto replies to remote domains.
Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Remote use...Rule Medium Severity -
Exch-2-817
Group -
Email Diagnostic log level must be set to low or lowest level.
Log files help establish a history of activities, and can be useful in detecting attack attempts or determining tuning adjustments to improve availability. Diagnostic logging, however, characterist...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.