Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-228392 | EX16-MB-000480 | SV-228392r612748_rule | Medium |
Description |
---|
Spam originators, in an effort to refine mailing lists, sometimes monitor transmissions for automated bounce-back messages. Automated messages include such items as "Out of Office" responses, nondelivery messages, and automated message forwarding. Automated bounce-back messages can be used by a third party to determine if users exist on the server. This can result in the disclosure of active user accounts to third parties, paving the way for possible future attacks. |
STIG | Date |
---|---|
Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide | 2021-03-25 |
Check Text ( C-30625r496972_chk ) |
---|
Open the Exchange Management Shell and enter the following command: Get-RemoteDomain | Select Name, DomainName, Identity, AllowedOOFType If the value of "AllowedOOFType" is not set to "InternalLegacy", this is a finding. |
Fix Text (F-30610r496973_fix) |
---|
Open the Exchange Management Shell and enter the following command: Set-RemoteDomain -Identity <'IdentityName'> -AllowedOOFType 'InternalLegacy' Note: The |