Auto-forwarding email to remote domains must be disabled or restricted.

An XCCDF Rule

Description

<VulnDiscussion>Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Ensure Automatic Forwards to remote domains are disabled, except for enterprise mail that must be restricted to forward-only to .mil and .gov. domains. Before enabling this setting first configure a remote domain. </VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-43996r2_rule
Severity: Medium
Updated: about 1 year ago

Non- Enterprise Mail Fix Text:

Open the Exchange Management Shell and enter the following command:

Set-RemoteDomain -Identity <'RemoteDomainName'> -AutoForwardEnabled $false 
Enterprise Mail Fix Text:

New-RemoteDomain -Name <Descriptive Name> -DomainName <SMTP address space>

Set-RemoteDomain -Identity <'RemoteDomainName'> -AutoForwardEnabled $true

Auto-forwarding email to remote domains must be disabled or restricted.

Description

Remediation - Manual Procedure