Title

SMTP Virtual Server is not bound to the PPSM Standard Port. (Cat II impact)

Discussion

PPSM Standard defined ports and protocols must be used for all Exchange services. The default port for SMTP connections is 25. Changing the ports to non-standard values provides only temporary and limited protection against automated attacks since these attacks will not likely connect to the custom port. A determined attacker may still be able to determine which ports are used for the SMTP by performing a comprehensive port scan. Negative impacts of using non-standard ports include complexity for the system administrator, custom configurations required for connecting clients, risk of port conflict with non-exchange applications, and risk of incompatibility with port monitoring applications. Since changing the port introduces a large amount of complexity for a relatively small gain, the DoD PPSM requires that standard SMTP ports be used.

Check Content

Verify that E-mail Virtual server is bound on SMTP port 25. Procedure: Exchange system manager >> administrative groups >> [administrative groups]>>Servers >> [server]>>Protocols >> SMTP >> [specific SMTP server] >> properties >> General Tab >> Advanced >>Edit>> TCP Port Port 25 for SMTP should be entered. Criteria: If 25 is entered for SMTP, this is not a finding.

Fix Text

Enter 25 for SMTP on each SMTP Virtual Server Procedure: Exchange system manager >> administrative groups >> [administrative groups]>>Servers >> [server]>>Protocols >> SMTP >> [specific SMTP server] >> properties >> General Tab >> Advanced >>Edit>> TCP Port Enter 25 for SMTP.

Additional Identifiers

Rule ID: SV-20413r1_rule

Vulnerability ID: V-18735

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.