- Severity: WARNING
- Protection against: MALWARE
- CIS: M365 4.2 - (L1) Ensure Exchange Online Spam Policies are set correctly
- FIX Available: YES
This Customer Check verifies whether emails from the internal organization are being scanned for spam.
Why this check?
Spam is usually something we want to spend as little time on as possible. But when it originates from inside the organization, it is an indicator that more may be going on. For example:
- A computer in your organization is infected by malware aimed at sending spam;
- An employee sends a legitimate email to an external recipient, but it is classified as spam. This can lead to reputational damage.
The Outbound Spam Filter is also used to block automatic forwarding of emails outside the organization. Outlook rules configured in this way can lead to data leaks and be used by malicious parties to obtain sensitive information about internal processes.
CIS Benchmarks
This measure aligns with the following item from the Center for Internet Security (CIS) Microsoft 365 Foundations Benchmark:
- CIS M365 4.2 - (L1) Ensure Exchange Online Spam Policies are set correctly
What possible outcomes does the check have?
This check has three possible outcomes. In Attic, this is reflected as follows:
- Okay: The policy to check spam from the internal organization is enabled
- Warning: The policy to check outgoing email for spam is not (properly) activated
How should this be followed up?
If the output is Warning, we advise enabling the spam policy.
A Fix is available for this check, which we will offer through Attic.
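To review the outbound spam policy by hand, the following added example (not Attic's own check logic) evaluates policy objects shaped like the output of `Get-HostedOutboundSpamFilterPolicy`. The function name `Test-OutboundSpamPolicy`, the sample objects, and the choice of settings that count as "properly activated" (administrator notification, a copy of suspicious outbound mail, and external auto-forwarding not set to On) are assumptions.

```powershell
# Added example. The criteria below are assumptions, not Attic's implementation.
function Test-OutboundSpamPolicy {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Policy
    )
    process {
        $findings = @()
        # Administrators should be told when a sender is blocked for outbound spam.
        if (-not $Policy.NotifyOutboundSpam) {
            $findings += 'NotifyOutboundSpam is disabled'
        } elseif (-not $Policy.NotifyOutboundSpamRecipients) {
            $findings += 'NotifyOutboundSpam has no recipients'
        }
        # A copy of suspicious outbound mail should reach a monitored mailbox.
        if (-not $Policy.BccSuspiciousOutboundMail) {
            $findings += 'BccSuspiciousOutboundMail is disabled'
        } elseif (-not $Policy.BccSuspiciousOutboundAdditionalRecipients) {
            $findings += 'BccSuspiciousOutboundMail has no recipients'
        }
        # 'On' allows automatic forwarding to external recipients.
        if ($Policy.AutoForwardingMode -eq 'On') {
            $findings += 'AutoForwardingMode is On'
        }
        [pscustomobject]@{
            Policy   = $Policy.Name
            Outcome  = if ($findings) { 'Warning' } else { 'Okay' }
            Findings = $findings -join '; '
        }
    }
}

# Constructed sample objects (not real tenant data) so the example runs offline.
$sample = @(
    [pscustomobject]@{
        Name = 'Default'; AutoForwardingMode = 'On'
        NotifyOutboundSpam = $false; NotifyOutboundSpamRecipients = @()
        BccSuspiciousOutboundMail = $false; BccSuspiciousOutboundAdditionalRecipients = @()
    }
    [pscustomobject]@{
        Name = 'Hardened'; AutoForwardingMode = 'Off'
        NotifyOutboundSpam = $true; NotifyOutboundSpamRecipients = @('secops@example.com')
        BccSuspiciousOutboundMail = $true; BccSuspiciousOutboundAdditionalRecipients = @('secops@example.com')
    }
)
$sample | Test-OutboundSpamPolicy | Format-List

# Against a live tenant, after Connect-ExchangeOnline:
# Get-HostedOutboundSpamFilterPolicy | Test-OutboundSpamPolicy
```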