STIGQter: STIG Summary: Microsoft Exchange 2013 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: Microsoft Exchange 2013 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:SV-207295r615936_rule
V-207295
SRG-APP-000231
EX13-MB-000145
CAT II
10
Update the EDSP.
Open the Exchange Management Shell and enter the following command:
Set-Mailbox | select Name, ForwardingSMTPAddress $null
Review the Email Domain Security Plan (EDSP).
Determine any accounts that have been authorized to have email auto-forwarded.
Note: If email auto-forwarding is not being used, this check is not applicable. .
Open the Exchange Management Shell and enter the following commands:
Get-Mailbox | select Name, ForwardingSMTPAddress
If any user has a forwarding SMTP address and is not documented in the EDSP, this is a finding.
Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly.
V-207295
False
EX13-MB-000145
Review the Email Domain Security Plan (EDSP).
Determine any accounts that have been authorized to have email auto-forwarded.
Note: If email auto-forwarding is not being used, this check is not applicable. .
Open the Exchange Management Shell and enter the following commands:
Get-Mailbox | select Name, ForwardingSMTPAddress
If any user has a forwarding SMTP address and is not documented in the EDSP, this is a finding.
Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly.
M
2923