UCF STIG Viewer Logo

User mailboxes are hosted on non-Mailbox Server role.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18641 EMG2-313 Exch2K3 SV-20214r1_rule ECSC-1 Medium
Description
Separation of roles supports operational security for application as well as human resources. By isolating a server role such as ‘Mailbox Role’, boundaries that pertain to Mailbox data protection need only be focused in the Mailbox data server. In this way, any Mailbox-specific attack vectors, protocol traffic requirements are more optimally secured. Mailbox data repositories should only be hosted on the Mailbox Server Role.
STIG Date
Microsoft Exchange Server 2003 2014-08-19

Details

Check Text ( C-22339r1_chk )
Ensure that mailbox stores are not configured.

Procedure: Exchange System Manager >>Administrative Groups >> [administrative group]>> Servers >> [server name] >> First Storage Group

Individual list of user mailboxes should be an empty list.

Criteria: If user mailbox list is empty, this is not a finding.
Fix Text (F-19272r1_fix)
Configure non-Mailbox Server role.

Procedure: Exchange System Manager >>Administrative Groups >> [administrative group]>> Servers >> [server name] >> First Storage Group

Remove Mailbox store and mailboxes. Note: Additional administrative tasks to modify dependent configurations may be necessary.