1.4 Set 'External send connector authentication: DNS Routing' to 'True'

Information

Select this option to use DNS to route outbound mail. If enabled the connector will use DNS to resolve the IP address of the remote SMTP server.

Rationale:

Basic authentication sends credentials across the network in plaintext. DNS routing helps protect connections from tampering or interception by unauthorized users.

Solution

To implement the recommended state, execute the following PowerShell cmdlet:

Set-SendConnector 'Connection to Contoso.com' -DNSRoutingEnabled $true

See Also

https://workbench.cisecurity.org/files/1514

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-11

Plugin: Windows

Control ID: ae7d74d711329261b9f01cea34e479ee002258b1ad0e18407045c1598a61765f