V-228378
CAT IIExchange email-forwarding SMTP domains must be restricted.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Review the Email Domain Security Plan (EDSP) or document that contains this information.
Determine any accounts that have been authorized to have email auto-forwarded.
Note: If email auto-forwarding is not being used, this check is not applicable (NA).
Open the Exchange Management Shell and enter the following commands:
Get-RemoteDomain | Select Name, Identity, DomainName, AutoForwardEnabled
If any domain for a user forwarding SMTP address is not documented in the EDSP, this is a finding.
Note: If no remote SMTP domain matching the mail-enabled user or contact that allows forwarding is configured for users identified with a forwarding address, this function will not work properly.
Fix Text
Update the EDSP to specify any accounts that have been authorized to have email auto-forwarded or verify that this information is documented by the organization.
Open the Exchange Management Shell and enter the following command:
Set- RemoteDomain -Identity <RemoteDomainIdParameter>
STIG Reference
- STIG
- Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide
- Version
- 2
- Release
- 6
- Rule ID
- SV-228378r879642_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_MSExchange2016MB_V2R6_20251023-152357.ckl | Unassigned | 2026-01-14T12:57:33.455034 | View in Context |