Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-33599 | Exch-2-808 | SV-44019r1_rule | ECSC-1 | Medium |
Description |
---|
Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Ensure that non-delivery reports to remote domains are disabled. Before enabling this setting first configure a remote domain using the EMC or the New-RemoteDomain cmdlet. |
STIG | Date |
---|---|
Exchange 2010 Edge Transport Server STIG | 2015-12-02 |
Check Text ( C-41706r2_chk ) |
---|
Open the Exchange Management Shell and enter the following command: Get-RemoteDomain | select identity, NDREnabled If the value of 'NDREnabled' is not set to 'False', this is a finding. |
Fix Text (F-37491r1_fix) |
---|
Open the Exchange Management Shell and enter the following command: Set-RemoteDomain -Identity <'RemoteDomainName'> -NDREnabled $false |