| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-228378 | CAT II | MONT-MB-002 | Microsoft Exchange 2016 Mailbox Server S... | Exchange email-forwarding SMTP domains must be res... | - | |||
Check TextReview the Email Domain Security Plan (EDSP) or document that contains this information. Determine any accounts that have been authorized to have email auto-forwarded. Note: If email auto-forwarding is not being used, this check is not applicable (NA). Open the Exchange Management Shell and enter the following commands: Get-RemoteDomain | Select Name, Identity, DomainName, AutoForwardEnabled If any domain for a user forwarding SMTP address is not documented in the EDSP, this is a finding. Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly. Fix TextUpdate the EDSP to specify any accounts that have been authorized to have email auto-forwarded or verify that this information is documented by the organization. Open the Exchange Management Shell and enter the following command: Set- RemoteDomain -Identity <RemoteDomainIdParameter> Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MSExchange2016MB_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 01AD5D494759011CA51CA939267F080C3E8E3E9F ~~~~~ Default DomainName: * AutoForwardEnabled: False
Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_MSExchange2016MB_V2R6_20251023-152357.ckl
Scan Date: 2026-01-14T12:57:33.455034
Technology Area: Exchange Server
|
||||||||