| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-228572 | CAT II | SCHR-P3-DP-001 | Microsoft IIS 10.0 Server Security Techn... | An IIS Server configured to be a SMTP relay must r... | - | |||
Check TextInterview the System Administrator about the role of the IIS 10.0 web server. If the IIS 10.0 web server is running SMTP relay services, have the SA provide supporting documentation on how the server is hardened. A DoD-issued certificate, and specific allowed IP address should be configured. If the IIS web server is not running SMTP relay services, this is Not Applicable. If the IIS web server running SMTP relay services without TLS enabled, this is a finding. If the IIS web server running SMTP relay services is not configured to only allow a specific IP address, from the same network as the relay, this is a finding. Fix TextConfigure the relay server with a specific allowed IP address, from the same network as the relay, and implement TLS. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-IIS10_0_Server_Checks) was unable to determine a Status but found the below configuration on 03/05/2026: ResultHash: 3B7C7319D6AEB5A130CFDA357A0A502827AB79ED ~~~~~ SMTP-Server Feature: Available System is not listening on port 25. Confirm there are no SMTP relays using a custom port. If no SMTP relays exist, this may be marked as 'Not Applicable'. CommentsThe IIS web server is not running SMTP relay services, this is Not Applicable.
Source: SCHR-P3-DP-001_IIS10Server_V3R6_20260305-132942.cklb
Scan Date: 2026-03-12T15:38:14.420977
Technology Area: Web Review
|
||||||||