Exchange must render hyperlinks from email sources from non-.mil domains as unclickable.

An XCCDF Rule

Description

Active hyperlinks within an email are susceptible to attacks of malicious software or malware. The hyperlink could lead to a malware infection or redirect the website to another fraudulent website without the user's consent or knowledge. Exchange does not have a built-in message filtering capability. DOD Enterprise Email (DEE) has created a custom resolution to filter messages from non-.mil users that have hyperlinks in the message body. The hyperlink within the messages will be modified, preventing end users from automatically clicking links.

ID: SV-259643r961638_rule
Version: EX19-ED-000238
Severity: Medium
References: CCI-002420
Updated: about 2 months ago

Remediation Templates

Update the EDSP to reflect the name of the Transport Agent.

Contact the DISA Enterprise Email Service Desk at disa.tinker.eis.mbx.dod-enterprise-services-service-desk@mail.mil and request the Agent and installation procedures.

or

Contact DEE Engineering PMO and request the Agent and installation procedures.

Exchange must render hyperlinks from email sources from non-.mil domains as unclickable.

Description

Remediation Templates

A Manual Procedure