STIGQter STIGQter: STIG Summary: Microsoft Exchange 2013 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

Exchange email forwarding must be restricted.

DISA Rule

SV-207295r615936_rule

Vulnerability Number

V-207295

Group Title

SRG-APP-000231

Rule Version

EX13-MB-000145

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Update the EDSP.

Open the Exchange Management Shell and enter the following command:

Set-Mailbox | select Name, ForwardingSMTPAddress $null

Check Contents

Review the Email Domain Security Plan (EDSP).

Determine any accounts that have been authorized to have email auto-forwarded.

Note: If email auto-forwarding is not being used, this check is not applicable. .

Open the Exchange Management Shell and enter the following commands:

Get-Mailbox | select Name, ForwardingSMTPAddress
If any user has a forwarding SMTP address and is not documented in the EDSP, this is a finding.

Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly.

Vulnerability Number

V-207295

Documentable

False

Rule Version

EX13-MB-000145

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Determine any accounts that have been authorized to have email auto-forwarded.

Note: If email auto-forwarding is not being used, this check is not applicable. .

Open the Exchange Management Shell and enter the following commands:

Get-Mailbox | select Name, ForwardingSMTPAddress
If any user has a forwarding SMTP address and is not documented in the EDSP, this is a finding.

Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly.

Check Content Reference

M

Target Key

2923

Comments