Exchange external/Internet-bound automated response messages must be disabled.
An XCCDF Rule
Description
<VulnDiscussion>Spam originators, in an effort to refine mailing lists, sometimes monitor transmissions for automated bounce-back messages. Automated messages include such items as "Out of Office" responses, nondelivery messages, or automated message forwarding. Automated bounce-back messages can be used by a third party to determine if users exist on the server. This can result in the disclosure of active user accounts to third parties, paving the way for possible future attacks.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-207314r615936_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Open the Exchange Management Shell and enter the following command:
Set-RemoteDomain -Identity <'IdentityName'> -AllowedOOFType 'InternalLegacy'
Note: The <IdentityName> and InternalLegacy values must be in quotes.