2.3.1 Ensure 'Enable non-delivery reports to remote domains' is set to 'False'

Information

This policy setting is used to determine if the server sends non-delivery reports (also known as NDRs or bounce messages) to remote domains.

Rationale:

Attackers can use automated messages to determine whether a user is active, in the office, traveling etc. and can use this information to conduct other types of attacks.

Impact:

Remote users will not receive automated non-delivery reports.

Note: If Microsoft Exchange is being used as HUB, this setting is applicable. If not, an exception to this recommendation might be required.

Solution

To implement the recommended state, execute the following PowerShell cmdlet:

Set-RemoteDomain 'RemoteDomain' -NDREnabled $false

Default Value:

True

See Also

https://workbench.cisecurity.org/benchmarks/12442

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, 800-53|CM-7

Plugin: Windows

Control ID: 63479112cb28127851cc0b694dc0f17f85bb2d0397b9240936c616aed0db574a