EX16-MB-000290 - Exchange email forwarding must be restricted.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Auto-forwarded email accounts do not meet the requirement for digital signature and encryption of Controlled Unclassified Information (CUI) and Personally Identifiable Information (PII) in accordance with DoDI 8520.2 (reference ee) and DoD Director for Administration and Management memorandum, 'Safeguarding Against and Responding to the Breach of Personally Identifiable Information'.

Use of forwarding set by an administrator interferes with nonrepudiation requirements that each end user be responsible for creation and destination of email data.

Solution

Update the EDSP.

Open the Exchange Management Shell and enter the following command:

Set-Mailbox -Identity <'IdentityName'> -ForwardingSMTPAdddress $null

Note: The <IdentityName> value must be in quotes.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Exchange_2016_Y22M07_STIG.zip

Item Details

References: CAT|II, CCI|CCI-001199, Rule-ID|SV-228377r612748_rule, STIG-ID|EX16-MB-000290, STIG-Legacy|SV-95379, STIG-Legacy|V-80669, Vuln-ID|V-228377

Plugin: Windows

Control ID: f4139430b721265893c025fc17bca587a688beb99ef5d3d79933c955cc9c5532