The Exchange POP3 service must be disabled.

An XCCDF Rule

Details
Profiles

Description

The POP3 protocol is not approved for use within the DoD. It uses a clear-text-based user name and password and does not support the DoD standard for PKI for email access. User name and password could easily be captured from the network, allowing a malicious user to access other system features. Uninstalling or disabling the service will prevent the use of the POP3 protocol.

ID: SV-207285r615936_rule
Version: EX13-MB-000095
Severity: Medium
References: CCI-000381
Updated: 24 days ago

Remediation Templates

Open the Windows Power Shell and enter the following command:

services.msc

Navigate to and double-click on Microsoft Exchange POP3 Backend.
Click on the "General" tab.

In the Startup Type: dropdown, select Disabled.

Click the OK button.

The Exchange POP3 service must be disabled.

Description

Remediation Templates

A Manual Procedure