Accepted domains must be configured.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-33622 | Exch-2-005 | SV-44042r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Exchange may be configured to accept email for multiple domain names. This setting identifies the domains for which the server will accept mail. This check verifies the email server is not accepting email for unauthorized domains. |
| STIG | Date |
|---|---|
| MS Exchange 2010 Edge Transport Server STIG | 2019-03-21 |
Details
| Check Text ( C-41729r1_chk ) |
|---|
| Obtain the Email Domain Security Plan (EDSP) and locate the 'Accepted Domain' values. Open the Exchange Management Shell and enter the following command: Get-AcceptedDomain If the value for 'AcceptedDomains' is not set to the value in the EDSP, this is a finding. |
| Fix Text (F-37514r1_fix) |
|---|
| Open the Exchange Management Shell and enter the following command: Set-AcceptedDomain -Identity <'ValueInEDSP'> -MakeDefault $true |