Public Folder “Send on Behalf of” feature is in use.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-18658 | EMG2-511 Exch2K3 | SV-20260r1_rule | ECSC-1 | Low |
| Description |
|---|
| The principle of non-repudiation gives a message recipient the assurance that the message can be attributed to the named sender. If users are allowed to send on behalf of other parties, it introduces risk that receivers may never realize the identity of the actual sender of the message. This can enable nefarious senders to mask their activities. The “Send on Behalf” field should be cleared (messages are not sent on behalf of any party). While the full “from” field displays both the actual sender as well as who the message is on behalf of, in many instances only the party on whose behalf the message was sent may be seen. If “Send on behalf” is used, accounts with the ability should be documented and monitored to ensure this privilege is not being abused. |
| STIG | Date |
|---|---|
| Microsoft Exchange Server 2003 | 2014-08-19 |
Details
| Check Text ( C-22377r1_chk ) |
|---|
| If Public Folders are not in use, this is N/A. Review the 'Send on behalf of' field. Procedure: Exchange System Manager >> Administrative Groups >> [administrative group] >> Folders >> Public Folders >> [Public Folder] >> Properties >> Exchange General tab >> Delivery Options button. The “Send on Behalf of” list should be empty. Criteria: If the “Send on Behalf” list is empty, this is not a finding. |
| Fix Text (F-19306r1_fix) |
|---|
| Disable the Public Folder “send on behalf of” feature. Procedure: Exchange System Manager >> Administrative Groups >> [administrative group] >> Folders >> Public Folders [Public Folder] >> Properties >> Exchange General Tab >> Delivery Options Button. Empty the “Send on Behalf of” list. |