| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-228398 | CAT III | MONT-MB-002 | Microsoft Exchange 2016 Mailbox Server S... | The Exchange Global Recipient Count Limit must be ... | - | |||
Check TextReview the Email Domain Security Plan (EDSP). Determine the global maximum message recipient count. Open the Exchange Management Shell and enter the following command: Get-TransportConfig | Select Name, Identity, MaxRecipientEnvelopeLimit If the value of "MaxRecipientEnvelopeLimit" is not set to "5000", this is a finding. or If "MaxRecipientEnvelopeLimit" is set to an alternate value and has signoff and risk acceptance in the EDSP, this is not a finding. Fix TextUpdate the EDSP to specify the global maximum message recipient count. Set-TransportConfig -MaxRecipientEnvelopeLimit 5000 or Enter the value as identified by the EDSP that has obtained a signoff with risk acceptance. Restart the Microsoft Exchange Information Store service. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MSExchange2016MB_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: CFA29C51824982F2349DD1A358C35268E97EBEE0 ~~~~~ MaxRecipientEnvelopeLimit IsUnlimited: False Value: 500 [Expected 5000]
Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_MSExchange2016MB_V2R6_20251023-152357.ckl
Scan Date: 2026-01-14T12:57:33.455034
Technology Area: Exchange Server
|
||||||||