Exchange must not send non-delivery reports to remote domains.
An XCCDF Rule
Description
Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Ensure that non-delivery reports to remote domains are disabled. Before enabling this setting first configure a remote domain using the EMC or the New-RemoteDomain cmdlet.
| Property | Value |
|---|---|
| IA Controls | ECSC-1 |
- ID
- SV-44019r1_rule
- Version
- Exch-2-808
- Severity
- Medium
- Updated
Remediation Templates
A Manual Procedure
Open the Exchange Management Shell and enter the following command:
Set-RemoteDomain -Identity <'RemoteDomainName'> -NDREnabled $false