STIGQter: STIG Summary: Exchange 2010 Mailbox Server STIG Version: 1 Release: 10 Benchmark Date: 28 Jul 2017:

Email forwarding SMTP domains must be restricted.

DISA Rule

SV-50976r1_rule

Vulnerability Number

V-39160

Group Title

Exch-1-324

Rule Version

Exch-1-324

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Open the Exchange Management Shell and enter the following command:

Set- RemoteDomain -Identity <RemoteDomainIdParameter>

Check Contents

Obtain the Email Domain Security Plan (EDSP) and locate any accounts that have been authorized to have email auto-forwarded.

Open the Exchange Management Shell and enter the following commands:

Get-RemoteDomain | select name, AutoForwardEnabled

If any domain for user forwarding SMTP address is not documented in the EDSP, this is a finding.

Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly. This requirement works with Exch-1-321.

Vulnerability Number

V-39160

Documentable

False

Rule Version

Exch-1-324

Severity Override Guidance

Obtain the Email Domain Security Plan (EDSP) and locate any accounts that have been authorized to have email auto-forwarded.

Open the Exchange Management Shell and enter the following commands:

Get-RemoteDomain | select name, AutoForwardEnabled

If any domain for user forwarding SMTP address is not documented in the EDSP, this is a finding.

Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly. This requirement works with Exch-1-321.

Check Content Reference

M

Target Key

1995

Comments