6.2.1 Ensure Protect Mail Activity in Mail Is Enabled

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Apple provides privacy protection that should be enabled for the mail app on macOS to reduce information collection from a user that receives email.

Rationale:

Email is routinely abused by attackers, spammers and marketers. The 'Protect Mail Activity' control reduces risk by hiring the current IP address of your Mac and privately downloading remote content.

The Protect Mail Activity function of privately downloading remote content is not applicable for those users that do not download any remote content. Typical Internet email is no longer plain text and will not render properly without remote content, personal email or mailing list email may function without complaint by blocking remote content.

Impact:

Some remote content may be access controlled and refuse to download with this setting enabled.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Graphical Method:
Perform the following steps to enabled protect mail activity:

Open Mail

Select Mail in the menu bar

Select Settings...

Select Privacy

Set Protect Mail Activity to enabled