EX13-MB-000095 - The Exchange POP3 service must be disabled.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The POP3 protocol is not approved for use within the DoD. It uses a clear-text-based user name and password and does not support the DoD standard for PKI for email access. User name and password could easily be captured from the network, allowing a malicious user to access other system features. Uninstalling or disabling the service will prevent the use of the POP3 protocol.

Solution

Open the Windows Power Shell and enter the following command:

services.msc

Navigate to and double-click on Microsoft Exchange POP3 Backend.

Click on the 'General' tab.

In the Startup Type: dropdown, select Disabled.

Click the OK button.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Exchange_2013_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, CAT|II, CCI|CCI-000381, Rule-ID|SV-84599r2_rule, STIG-ID|EX13-MB-000095, Vuln-ID|V-69977

Plugin: Windows

Control ID: 164c39323b53fdaf01db4773ee732cac00aa81e2ff7ff7c700c44591cde80d5e