Title

SMTP Maximum outbound connections are not at 1000, or an alternate value is not documented in System Security Plan. (Cat III impact)

Discussion

E-Mail system availability depends in part on best practices strategies for setting tuning configurations. This setting controls the maximum number of simultaneous outbound connections allowed for a given SMTP Virtual Server, and can be used to throttle the SMTP service if resource constraints warrant it. If the limit is too low, connections may be dropped. If too high, some domains may use a disproportionate resource share, denying access to other domains. Appropriate tuning reduces risk of data delay or loss.

Check Content

Access the mail server outbound connection configuration. Procedure: Exchange System Manager >> administrative groups >> [administrative group] >> Servers >> [Server] >> Protocols >> SMTP >> [specific SMTP server] >> properties >> Delivery tab >> Outbound Connections button The “Maximum Outbound Connections” should be set to 1000, or an alternate value that is documented in the System Security Plan. Criteria: If the "Maximum Outbound Connections" is at 1000, or set to an alternate value that is explained in the System Securtiy Plan, this is not a finding.

Fix Text

Set the maximum outbound connection count. Procedure: Exchange System Manager >> Administrative Groups >> [administrative group] >> Servers >> [Server] >> Protocols >> SMTP >> [specific SMTP server] >> Properties >> Delivery tab >> Outbound Connections button Enter 1000 for "Maximum Outbound Connections", or enter an alternate value if local site conditions warrant it, and document it in the System Security Plan.

Additional Identifiers

Rule ID: SV-20318r1_rule

Vulnerability ID: V-18689

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.