UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Exchange messages with malformed From address must be rejected.


Overview

Finding ID Version Rule ID IA Controls Severity
V-69881 EX13-EG-000215 SV-84503r1_rule Medium
Description
Sender Identification (SID) is an email antispam sanitization process. Sender ID uses DNS MX record lookups to verify the Simple Mail Transfer Protocol (SMTP) sending server is authorized to send email for the originating domain. Failure to implement Sender ID risks that spam could be admitted into the email domain that originates from rogue servers. Most spam content originates from domains where the IP address has been spoofed prior to sending, thereby avoiding detection. For example, messages with malformed or incorrect "purported responsible sender" data in the message header could be (best case) created by using RFI noncompliant software but is more likely to be spam.
STIG Date
MS Exchange 2013 Edge Transport Server Security Technical Implementation Guide 2017-01-04

Details

Check Text ( C-70349r2_chk )
Open the Exchange Management Shell and enter the following command:

Get-SenderIdConfig | Select Name, Identity, SpoofedDomainAction

If the value of SpoofedDomainAction is not set to Reject, this is a finding.
Fix Text (F-76111r1_fix)
Open the Exchange Management Shell and enter the following command:

Set-SenderIdConfig -SpoofedDomainAction Reject