EX19-ED-000122 - Active hyperlinks in messages from non .mil domains must be rendered unclickable.

Information

Active hyperlinks within an email are susceptible to attacks of malicious software or malware. The hyperlink could lead to a malware infection or redirect the website to another fraudulent website without the user's consent or knowledge.

Exchange does not have a built-in message filtering capability. DOD Enterprise Email (DEE) has created a custom resolution to filter messages from non-.mil users that have hyperlinks in the message body. The hyperlink within the messages will be modified, preventing end users from automatically clicking links.

Solution

Update the EDSP to reflect the name of the Transport Agent.

Contact the DISA Enterprise Email Service Desk at disa.tinker.eis.mbx.dod-enterprise-services-service-desk@mail.mil and request the Agent and installation procedures.

or

Contact DEE Engineering PMO and request the Agent and installation procedures.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Exchange_2019_Y24M10_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-8(2), CAT|II, CCI|CCI-001308, Rule-ID|SV-259608r961161_rule, STIG-ID|EX19-ED-000122, Vuln-ID|V-259608

Plugin: Windows

Control ID: 63f1cf23753d0309f76653863482633f5875d41fab71a0b5bbb3b6bd852911fc