UCF STIG Viewer Logo

Junk e-mail level must be enabled at a setting of High.


Overview

Finding ID Version Rule ID IA Controls Severity
V-223351 O365-OU-000006 SV-223351r744261_rule Medium
Description
This policy setting controls your Junk E-mail protection level. The Junk E-mail Filter in Outlook helps to prevent junk e-mail messages, also known as spam, from cluttering user's Inbox. The filter evaluates each incoming message based on several factors, including the time when the message was sent and the content of the message. The filter does not single out any particular sender or message type, but instead analyzes each message based on its content and structure to discover whether or not it is probably spam. If you enable this policy setting, you can select one of the four listed options available. After you select an option, users will not be able to change it. If you disable this policy setting, Outlook reverts to the user-defined protection level. If you do not configure this policy setting, users can change their junk e-mail filtering options.
STIG Date
Microsoft Office 365 ProPlus Security Technical Implementation Guide 2021-12-17

Details

Check Text ( C-25024r744260_chk )
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2016 >> Outlook Options >> Preferences >> Junk E-mail >> Junk E-mail protection level is set to "High".

Use the Windows Registry Editor to navigate to the following key:

HKCU\software\policies\microsoft\office\16.0\outlook\options\mail

If the value junkmailprotection is set to "3", this is not a finding.
Fix Text (F-25012r442273_fix)
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2016 >> Outlook Options >> Preferences >> Junk E-mail >> Junk E-mail protection level to "High".