WG330 IIS6 - A public web server must limit e-mail to outbound only.

Information

Incoming e-mail has been known to provide attackers with access to servers. Disabling the incoming mail service prevents this type of attack. Additionally, e-mail is a specialized application requiring the dedication of server resources. A production web server should only provide hosting services for web sites. Supporting mail services on a web server also opens the server to the risk of abuse as an e-mail relay.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Disable the SMTP service. If other e-mail programs are running, remove them.
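An added check script for this item, not part of the STIG or the Tenable audit, that reports whether the IIS SMTP service (assumed service name SMTPSVC) is stopped and disabled and whether anything else is listening on TCP/25, with optional remediation:

```powershell
# Added compliance check for WG330 (not part of the STIG or Tenable audit).
# Assumes the IIS 6 SMTP component runs as the Windows service "SMTPSVC" and
# that any other process listening on TCP/25 is a third-party mail program
# the solution says to remove. Run in an elevated PowerShell session.

$Remediate = $false   # set to $true to disable and stop SMTPSVC

function Test-WG330 {
    $findings = @()

    # 1. IIS SMTP service: compliant only if absent, or stopped and disabled.
    $svc = Get-Service -Name 'SMTPSVC' -ErrorAction SilentlyContinue
    if ($svc) {
        $wmi = Get-WmiObject Win32_Service -Filter "Name='SMTPSVC'"
        if ($svc.Status -ne 'Stopped' -or $wmi.StartMode -ne 'Disabled') {
            $findings += "SMTPSVC present: status=$($svc.Status), startmode=$($wmi.StartMode)"
            if ($Remediate) {
                Set-Service -Name 'SMTPSVC' -StartupType Disabled
                Stop-Service -Name 'SMTPSVC' -Force
            }
        }
    }

    # 2. Any other TCP/25 listener means inbound mail is still being accepted.
    #    netstat -ano is parsed because Get-NetTCPConnection does not exist
    #    on the Windows Server 2003 hosts that run IIS 6.
    $listeners = netstat -ano |
        Select-String -Pattern '^\s*TCP\s+\S+:25\s+\S+\s+LISTENING\s+(\d+)'
    foreach ($l in $listeners) {
        $procId = $l.Matches[0].Groups[1].Value
        $proc = Get-Process -Id $procId -ErrorAction SilentlyContinue
        $findings += "TCP/25 listener: pid=$procId name=$($proc.ProcessName)"
    }

    if ($findings.Count -eq 0) { 'WG330: compliant (no inbound mail service)' }
    else { $findings | ForEach-Object { "WG330: OPEN - $_" } }
}

Test-WG330
```

Outbound mail from the web application is unaffected: the check only looks at the SMTP service and at processes accepting connections on port 25.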

See Also

http://iasecontent.disa.mil/stigs/zip/July2015/U_IIS_6-0_V6R16_STIG.zip