Details
You can use this setting to determine if the server automatically forwards out-of-office messages to remote domains.
Rationale:
Attackers can use automated messages to determine whether a user is active, in the office, traveling, and so on. An attacker might use this information to conduct other types of attacks.
Solution
To implement the recommended state, execute the following PowerShell cmdlet:
Set-RemoteDomain ‘RemoteDomain’ -AllowedOOFType None
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.