UCF STIG Viewer Logo

Accepted domains must be verified.


Overview

Finding ID Version Rule ID IA Controls Severity
Exch-ED-232 Exch-ED-232 Exch-ED-232_rule Medium
Description
Exchange may be configured to except email for multiple domain names. This setting controls which domains the server will accept mail. This check verifies the email server is not excepting email for unauthorized domains.
STIG Date
Microsoft Exchange 2010 Edge Transport Server Role 2012-05-31

Details

Check Text ( C-_chk )
Obtain the Email Domain Security Plan (EDSP) and locate the "Accepted Domain" value.

Open the Exchange Management Shell and enter the following command.

Get-AcceptedDomain

If the value for "AcceptedDomains" is not set to the value in the EDSP, this is a finding.
Fix Text (F-_fix)
Open the Exchange Management Shell and enter the following command.

Set-AcceptedDomain -Identity <'ValueInEDSP'> -MakeDefault $true