Skip to content

Revise Implementation Steps for MS.EXO.7.1v1 #1629

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
1 of 3 tasks
adhilto opened this issue Mar 17, 2025 · 0 comments
Open
1 of 3 tasks

Revise Implementation Steps for MS.EXO.7.1v1 #1629

adhilto opened this issue Mar 17, 2025 · 0 comments
Labels
baseline-document Issues relating to the text in the baseline documents themselves enhancement This issue or pull request will add new or improve existing functionality
Milestone
Orca

Comments

@adhilto
Copy link
Collaborator

adhilto commented Mar 17, 2025

Prerequisites

  • This issue has an informative and human-readable title.

💡 Summary

Add flexibility in how MS.EXO.7.1v1 can be implemented, as there are multiple valid methods.

Motivation and context

MS.EXO.7.1v1, "External sender warnings SHALL be implemented," has multiple possible implementations. The current baseline implementation steps suggest using mail flow rules to add the warning. The Rego checks to ensure that a mail flow rule exists that:

  • Is enabled
  • Is enforced
  • Targets mail from external senders
  • Prepends something to the subject line

The baseline and Rego implementations are at the same time to proscriptive (there are other ways of doing this) and too vague (we don't proscribe what to prepend to the subject in the baseline so the Rego can't check what is being prepended).

The primary alternative to using mail flow rules is Set-ExternalOutlook. Multiple users have reported using this method (e.g., #1624). Also, this is the approach recommended by the latest CIS benchmark.

Implementation notes

  • Identify the different ways MS.EXO.7.1v1 could be implemented
  • Identify the limitations associated with each
  • Adjust the baseline implementation steps to allow all methods with acceptable limitations
  • Update the Rego code to reflect the updated implementation steps in the baseline

Acceptance criteria

  • The baseline implementation is updated
  • The Rego implementation is updated
@adhilto adhilto added enhancement This issue or pull request will add new or improve existing functionality baseline-document Issues relating to the text in the baseline documents themselves labels Mar 17, 2025
@adhilto adhilto mentioned this issue Mar 17, 2025
Closed
1 task
@adhilto adhilto marked this as a duplicate of #1624 Apr 1, 2025
@schrolla schrolla added this to the Orca milestone Apr 7, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
baseline-document Issues relating to the text in the baseline documents themselves enhancement This issue or pull request will add new or improve existing functionality
Projects
None yet
Milestone
Orca
Development

No branches or pull requests
2 participants
@adhilto @schrolla