home || catalog: SP800-53rev3 / class: Operational / family: (SI) System and Information Integrity ||
search controls:
search nistpubs:

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
RA
SA
SC
SI

SI-01
SI-02
SI-03
SI-04
SI-05
SI-06
SI-07
SI-08 *
SI-09
SI-10
SI-11
SI-12
SI-13
MMMMM

  SI-08: Spam Protection  

base control objective:
The organization:
a. Employs spam protection mechanisms at information system entry and exit points and at workstations, servers, or mobile computing devices on the network to detect and take action on unsolicited messages transported by electronic mail, electronic mail attachments, web accesses, or other common means; and
b. Updates spam protection mechanisms (including signature definitions) when new releases are available in accordance with organizational configuration management policy and procedures.

supplemental objective information:
Information system entry and exit points include, for example, firewalls, electronic mail servers, web servers, proxy servers, and remote-access servers.

enhancements to the base objective:

(1) The organization centrally manages spam protection mechanisms.

(2) The information system automatically updates spam protection mechanisms (including signature definitions).

mapping to FIPS199 baseline:

  LOW: null     MOD: base     HIGH: base (1)  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for SI-08:

Document Date Status Title
NIST SP800-45 August, 2006 DRAFT   Guidelines on Electronic Mail Security

Search SP800-53rev3 catalog: