Details
If outgoing mail is formatted in certain ways, for example, if attachments are encoded in UUENCODE format, attackers might manipulate the messages for their own purposes. If UUENCODE formatting is used, an attacker could manipulate the encoded attachment to bypass content filtering software.
Outlook 2013 automatically wraps plain text messages and uses the standard MIME format to encode attachments in plain text messages. However, these settings can be altered to allow email to be read in plain text email programs that use a nonstandard line length or that cannot process MIME attachments.
Solution
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Outlook Options -> Mail format -> Internet Formatting ‘Plain text -> options’ to ‘Enabled’ where line length is ‘132’ and that NO Check is visible in the ‘Encode all attachments in UUENCODE format when sending a plain text message’ check box option.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.
References
- 800-53|SC-8
- CAT|II
- CCI|CCI-002418
- Rule-ID|SV-53887r2_rule
- STIG-ID|DTOO228
- Vuln-ID|V-17761