Check: EMG2-105 Exch2K3
Microsoft Exchange Server 2003:
(in version v1 r5)
Title
E-mail SMTP services are using Non-PPSM compliant ports. (Cat II impact)
Discussion
Standard defined ports and protocols should be used for all Exchange services. The standard port for regular SMTP connections is 25. Changing the ports to non-standard values provides only temporary and limited protection against automated attacks, since these attacks will not connect to the custom port. A determined attacker may still be able to determine which ports are used for SMTP by performing a comprehensive port scan. Negative impacts of using non-standard ports include complexity for the system administrator, custom configurations for connecting clients, risk of port conflict with non-Exchange applications, and risk of incompatibility with standard port monitoring applications.
Check Content
Verify that SMTP services are deployed on compliant ports and protocols.
Procedure: Exchange System Manager >> Administrative Groups >> [administrative groups] >> Servers >> [server] >> Protocols >> SMTP >> [specific SMTP server] >> Properties >> Delivery tab >> Outbound Connections button >> TCP Port
For SMTP, port 25 should be entered.
Criteria: If 25 is entered for the SMTP port, this is not a finding.
Fix Text
Enter the SMTP compliant ports.
Procedure: Exchange System Manager >> Administrative Groups >> [administrative groups] >> Servers >> [server] >> Protocols >> SMTP >> [specific SMTP server] >> Properties >> Delivery tab >> Outbound Connections button >> TCP Port
For SMTP, enter 25.
Additional Identifiers
Rule ID: SV-20411r1_rule
Vulnerability ID: V-18734
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |