3.9 Set 'Enable automatic forwards to remote domains' to 'False'

Information

You can use this setting to determine if the server sends automatic forwards to remote domains.

Rationale:

Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct other types of attacks.

Solution

To implement the recommended state, execute the following PowerShell cmdlet:

Set-RemoteDomain -Identity Contoso -AutoForwardEnabled $false

See Also

https://workbench.cisecurity.org/files/1514

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b.

Plugin: Windows

Control ID: 4e89870ce2c3157140af360375a473d7a4ec60893e5e6d1ed645495f690274a0