EX16-MB-000520 – Exchange must not send automated replies to remote domains.

Details

Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Remote users will not receive automated ‘Out of Office’ delivery reports. This setting can be used to determine if all the servers in the organization can send ‘Out of Office’ messages.

Solution

Open the Exchange Management Shell and enter the following command:

Set-RemoteDomain -Identity <'IdentityName'> -AutoReplyEnabled $false

Note: The value must be in single quotes.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Exchange_2016_Y21M07_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.

References

800-53|SI-8(2)
CAT|II
CCI|CCI-001308
Rule-ID|SV-228396r612748_rule
STIG-ID|EX16-MB-000520
STIG-Legacy|SV-95417
STIG-Legacy|V-80707
Vuln-ID|V-228396

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles