STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation Guide

V-221248

CAT II (Medium)

The Exchange Simple Mail Transfer Protocol (SMTP) Sender filter must be enabled.

Rule ID

SV-221248r961161_rule

STIG

Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation Guide

Version

V2R6

CCIs

CCI-001308

Discussion

Email system availability depends in part on best practices strategies for setting tuning configurations. Careful tuning reduces the risk that system or network congestion will contribute to availability impacts. Filters that govern inbound email evaluation can significantly reduce spam, phishing, and spoofed emails. Filters for messages from blank senders, known spammers, or zero-day attack modifications must be enabled to be effective. Failure to enable the filter will result in no action taken. This setting should always be enabled.

Check Content

This requirement is N/A for SIPR enclaves.  

This requirement is N/A if the organization subscribes to EEMSG or other similar DoD enterprise protections for email services.

Open the Exchange Management Shell and enter the following command:
 
Get-SenderFilterConfig | Select Name, Enabled

If the value of "Enabled" is not set to "True", this is a finding.

Fix Text

Open the Exchange Management Shell and enter the following command:

Set-SenderFilterConfig -Enabled $true