MS.EXO.4.4v1 - An agency point of contact SHOULD be included for aggregate and failure reports.

Information

Email spoofing attempts are not inherently visible to domain owners. DMARC provides a mechanism to receive reports of spoofing attempts. Including an agency point of contact gives the agency insight into attempts to spoof their domains.

Solution

See [MS.EXO.4.1v1 Instructions](#msexo41v1-instructions) for an overview of how to publish and check a DMARC record. Ensure the record published includes:
- A point of contact specific to your agency in the RUA field.
- <[email protected]> as one of the emails in the RUA field.
- One or more agency-defined points of contact in the RUF field.
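
A check for the three conditions above, as an added example (not code from ScubaGear or the baseline): it parses a DMARC TXT record and lists which reporting contacts are missing. The function names, the agency mailboxes and the `CENTRAL_RUA` value are constructed placeholders; substitute the addresses your baseline requires.

```python
from urllib.parse import unquote

# Constructed sample values; replace with the addresses your baseline requires.
AGENCY_CONTACTS = {"dmarc@agency.example", "dmarc-forensics@agency.example"}
CENTRAL_RUA = "central-reports@reports.example"  # placeholder, not a real mailbox

def parse_dmarc(record):
    """Split a DMARC TXT record into a {tag: value} dict (tag names lowercased)."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip().lower()] = value.strip()
    return tags

def report_mailboxes(tags, tag):
    """Return the lowercased mailto: addresses listed in a rua or ruf tag."""
    boxes = []
    for uri in tags.get(tag, "").split(","):
        uri = uri.strip()
        if uri.lower().startswith("mailto:"):
            addr = uri[len("mailto:"):].split("!", 1)[0]  # drop optional !size limit
            boxes.append(unquote(addr).lower())
    return boxes

def check_report_contacts(record, agency_contacts, required_rua):
    """Return a list of findings; an empty list means all three conditions hold."""
    tags = parse_dmarc(record)
    if tags.get("v") != "DMARC1":
        return ["not a DMARC record"]
    agency = {a.lower() for a in agency_contacts}
    rua = report_mailboxes(tags, "rua")
    ruf = report_mailboxes(tags, "ruf")
    findings = []
    if not agency.intersection(rua):
        findings.append("rua: no agency point of contact")
    if required_rua.lower() not in rua:
        findings.append("rua: required central mailbox missing")
    if not agency.intersection(ruf):
        findings.append("ruf: no agency point of contact")
    return findings

# Constructed record that satisfies all three conditions.
SAMPLE = ("v=DMARC1; p=reject; pct=100; "
          "rua=mailto:dmarc@agency.example, mailto:Central-Reports@reports.example!10m; "
          "ruf=mailto:dmarc-forensics@agency.example")
print(check_report_contacts(SAMPLE, AGENCY_CONTACTS, CENTRAL_RUA))
```

Feed it the TXT value returned for `_dmarc.<domain>`; a record that only reports to a third-party processor fails all three checks.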

See Also

https://github.com/cisagov/ScubaGear/tree/v1.5.0/

Item Details

Category: ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-2, 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|CA-7, 800-53|CA-8, 800-53|CM-2, 800-53|CM-5, 800-53|CM-6, 800-53|CM-7, 800-53|IA-2, 800-53|IA-4, 800-53|RA-5, 800-53|SI-3, 800-53|SI-4, 800-53|SI-7

Plugin: microsoft_azure

Control ID: be97147425a5d066f621e6c3e05f8f1624c00a67040f666910a69ef235b2a012