STIGQter: STIG Summary: Exchange 2010 Mailbox Server STIG Version: 1 Release: 10 Benchmark Date: 28 Jul 2017: STIGQter: STIG Summary: Exchange 2010 Mailbox Server STIG Version: 1 Release: 10 Benchmark Date: 28 Jul 2017:SV-44025r2_rule
V-33605
Exch-1-321
Exch-1-321
CAT II
10
Open the Exchange Management Shell and enter the following command:
Set-Mailbox -Identity <'UserWithForwardedAddress'> -ForwardingSMTPAdddress $null
Access Active Directory for mailbox enabled user accounts with the msExchGenericForwardingAddress attribute set. Obtain the Email Domain Security Plan (EDSP) and locate any accounts that have been authorized to have email auto-forwarded.
Open the Exchange Management Shell and enter the following commands:
Get-Mailbox -Filter {ForwardingSMTPAddress -ne $null}
If any user has a forwarding SMTP address and is not documented in the EDSP, this is a finding.
Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly. This requirement works with Exch-1-324.
V-33605
False
Exch-1-321
Access Active Directory for mailbox enabled user accounts with the msExchGenericForwardingAddress attribute set. Obtain the Email Domain Security Plan (EDSP) and locate any accounts that have been authorized to have email auto-forwarded.
Open the Exchange Management Shell and enter the following commands:
Get-Mailbox -Filter {ForwardingSMTPAddress -ne $null}
If any user has a forwarding SMTP address and is not documented in the EDSP, this is a finding.
Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly. This requirement works with Exch-1-324.
M
1995