Information
This recommendation pertains to whether a message attachment can be uploaded or accessed through Apple's Mail Drop service. This is a system-wide setting and would block Mail Drop for any personal accounts on the device using Apple Mail.
This recommendation does not need to be configured if your organization is using an email application other than Apple Mail.
Rationale:
Permitting attachment uploads to Mail Drop, which is outside organizational control, presents a data exfiltration path.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
From the Configuration Profile:
Open Apple Configurator.
Open the Configuration Profile.
In the left window pane, click on the Mail tab.
In the right window pane, uncheck the checkbox for Allow Mail Drop.