STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

Mail relaying must be restricted.

DISA Rule

SV-208930r603263_rule

Vulnerability Number

V-208930

Group Title

SRG-OS-000096

Rule Version

OL6-00-000249

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Edit the file "/etc/postfix/main.cf" to ensure that only the following "inet_interfaces" line appears:

inet_interfaces = localhost

Check Contents

If the system is an authorized mail relay host, this is not applicable.

Run the following command to ensure postfix accepts mail messages from only the local system:

$ grep inet_interfaces /etc/postfix/main.cf

If properly configured, the output should show only "localhost".
If it does not, this is a finding.

Vulnerability Number

V-208930

Documentable

False

Rule Version

OL6-00-000249

Severity Override Guidance

If the system is an authorized mail relay host, this is not applicable.

Run the following command to ensure postfix accepts mail messages from only the local system:

$ grep inet_interfaces /etc/postfix/main.cf

If properly configured, the output should show only "localhost".
If it does not, this is a finding.

Check Content Reference

M

Target Key

2928

Comments