Message size restrictions are specified on routing group connectors.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-18686	EMG2-710 Exch2K3	SV-20312r1_rule	ECSC-1	Medium

Description
E-Mail system availability depends in part on best practices strategies for setting tuning configurations. For message size restrictions, multiple places exist to set or override inbound or outbound message size. Failure to control the configuration strategy can result in loss of data or system availability. This setting enables the administrator to control the maximum size of outgoing messages on a Routing Group connector. It is recommended that, in general, no limits are applied at the connector level. This is done so that connectors do not end up prohibiting the delivery of messages that would otherwise be permitted by the Exchange configuration at the virtual server level. Using connectors to control size limits at an enterprise-wide level is discouraged since the limits would need to be applied to every potential connector in order to create an effective enterprise-wide limit.

Description

E-Mail system availability depends in part on best practices strategies for setting tuning configurations. For message size restrictions, multiple places exist to set or override inbound or outbound message size. Failure to control the configuration strategy can result in loss of data or system availability. This setting enables the administrator to control the maximum size of outgoing messages on a Routing Group connector. It is recommended that, in general, no limits are applied at the connector level. This is done so that connectors do not end up prohibiting the delivery of messages that would otherwise be permitted by the Exchange configuration at the virtual server level. Using connectors to control size limits at an enterprise-wide level is discouraged since the limits would need to be applied to every potential connector in order to create an effective enterprise-wide limit.

STIG	Date
Microsoft Exchange Server 2003	2014-08-19

Details

Check Text ( C-22404r1_chk )
Validate Simple Mail Transfer Protocol (SMTP) connector configurations. Procedure: Exchange System Manager >> Administrative Groups >> [administrative group] >> Routing Groups >> [routing group] >> Connectors>> [Routing Group connector] >> Properties >> Content Restriction tab >> Allowed Sizes The “Only messages less than (KB)” checkbox should be cleared. Criteria: If “Only messages less than (KB)” checkbox is cleared, this is not a finding.

Check Text ( C-22404r1_chk )

Validate Simple Mail Transfer Protocol (SMTP) connector configurations.

Procedure: Exchange System Manager >> Administrative Groups >> [administrative group] >> Routing Groups >> [routing group] >> Connectors>> [Routing Group connector] >> Properties >> Content Restriction tab >> Allowed Sizes

The “Only messages less than (KB)” checkbox should be cleared.

Criteria: If “Only messages less than (KB)” checkbox is cleared, this is not a finding.

Fix Text (F-19332r1_fix)
Configure Simple Mail Tranfer Protocol (SMTP) Connectors. Procedure: Exchange System Manager >> Administrative Groups >> [administrative group] >> Routing Groups >> [routing group] >> Connectors>> [Routing Group connector] >> Properties >> Content Restriction tab >> Allowed Sizes Clear the “Only messages less than (KB)” checkbox.