EX16-ED-000430 - Exchange messages with a malformed From address must be rejected.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Sender Identification (SID) is an email antispam sanitization process. Sender ID uses DNS MX record lookups to verify the Simple Mail Transfer Protocol (SMTP) sending server is authorized to send email for the originating domain.

Failure to implement Sender ID risks that spam could be admitted into the email domain that originates from rogue servers. Most spam content originates from domains where the IP address has been spoofed prior to sending, thereby avoiding detection. For example, messages with malformed or incorrect 'purported responsible sender' data in the message header could be (best case) created by using RFI noncompliant software but is more likely to be spam.

Solution

Open the Exchange Management Shell and enter the following command:

Set-SenderIdConfig -SpoofedDomainAction Reject

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Exchange_2016_Y22M07_STIG.zip

Item Details

References: CAT|II, CCI|CCI-001308, Rule-ID|SV-221242r612603_rule, STIG-ID|EX16-ED-000430, STIG-Legacy|SV-95275, STIG-Legacy|V-80565, Vuln-ID|V-221242

Plugin: Windows

Control ID: 6f4519f6e93668056876b9e8135b952765e0df765fe36bbe597741eae44c5697