2.2 SMTP

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Securing SMTP involves requiring users to authenticate to the SMTP server before relaying messages, setting operator permissions, and requiring TLS encryption. NOTE: Nessus did not perform this check as it requires manual verification that the system is configured to utilize authentication for SMTP. NOTE: The Nessus Plugin Family 'SMTP Problems' contains many checks related to SMTP security and should be enabled in your scan policy.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

It is recommended to use Windows Authentication before using the SMTP.

See Also

https://workbench.cisecurity.org/files/657