Vulnerability V-228377

Review the Email Domain Security Plan (EDSP). Determine any accounts that have been authorized to have email auto-forwarded. Note: If email auto-forwarding is not being used, this check is not applicable. . Open the Exchange Management Shell and enter the following commands: Get-Mailbox | Select Name, Identity, Filter If any user has a forwarding SMTP address and is not documented in the EDSP, this is a finding. Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly.

Update the EDSP. Open the Exchange Management Shell and enter the following command: Set-Mailbox -Identity <'IdentityName'> -ForwardingSMTPAdddress $null Note: The <IdentityName> value must be in quotes.