Detections
Analytics

2.2.25 Ensure unrestricted mail relaying is prevented

Information

The operating system must be configured to prevent unrestricted mail relaying.

Rationale:

If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity.

Solution

If postfix is installed, modify the /etc/postfix/main.cf file to restrict client connections to the local network with the following command:
Example: vim /etc/postfix/main.cf
Add this line:

# postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject'

See Also

https://workbench.cisecurity.org/files/3636

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CCI|CCI-000366, CSCv6|9.1, CSCv7|9.2, Rule-ID|SV-204619r603261_rule, STIG-ID|RHEL-07-040680

Plugin: Unix

Control ID: 1eb74e502d0b096bea2c995cff352a42bb856627036db25431578f173b2a2935