Checks/check-ORCA233_1.ps1
|
<#
233_1 - Check EF is turned on where MX not set to MDO #> using module "..\ORCA.psm1" class ORCA233_1 : ORCACheck { <# CONSTRUCTOR with Check Header Data #> ORCA233_1() { $this.Control="233_1" $this.Area="Connectors" $this.Name="Enhanced Filtering Configuration" $this.PassText="Domains are pointed directly at EOP or enhanced filtering is configured on all default connectors" $this.FailRecommendation="Configure enhanced filtering on connectors when email path is not direct to EOP" $this.Importance="Exchange Online Protection (EOP) and Microsoft Defender for Office 365 works best when the mail exchange (MX) record is pointed directly at the service. <p>In the event another third-party service is being used, a very important signal (the senders IP address) is obfuscated and hidden from EOP & MDO, generating a larger quantity of false positives and false negatives. By configuring Enhanced Filtering with the IP addresses of these services the true senders IP address can be discovered, reducing the false-positive and false-negative impact.</p>" $this.ExpandResults=$True $this.CheckType=[CheckType]::ObjectPropertyValue $this.ObjectType="Connector" $this.ItemName="EF Mode" $this.DataType="SkipListed IPs" $this.Links= @{ "Microsoft 365 Defender Portal - Enhanced Filtering"="https://aka.ms/orca-connectors-action-skiplisting" "Enhanced Filtering for Connectors"="https://aka.ms/orca-connectors-docs-1" } } <# RESULTS #> GetResults($Config) { $Connectors = @() # Analyze connectors ForEach($Connector in $($Config["InboundConnector"] | Where-Object {$_.Enabled})) { # Set regex options for later match $options = [Text.RegularExpressions.RegexOptions]::IgnoreCase ForEach($senderdomain in $Connector.SenderDomains) { # Perform match on sender domain $match = [regex]::Match($senderdomain,"^smtp:\*;(\d*)$",$options) if($match.success) { # Positive match $Connectors += New-Object -TypeName PSObject -Property @{ Identity=$Connector.Identity Priority=$($match.Groups[1].Value) TlsSenderCertificateName=$Connector.TlsSenderCertificateName EFTestMode=$Connector.EFTestMode EFSkipLastIP=$Connector.EFSkipLastIP EFSkipIPs=$Connector.EFSkipIPs EFSkipMailGateway=$Connector.EFSkipMailGateway EFUsers=$Connector.EFUsers } } } } # Determine if skip listing is required $SkipListRequired = $False $NonEOPRecords = @($Config["MXReports"] | Where-Object {$_.PointsToService -eq $False}) If($NonEOPRecords.Count -gt 0) { $SkipListRequired = $True } If($Connector.Count -eq 0 -and $SkipListRequired) { # No connectors so we should fail $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object="No Connectors" $ConfigObject.ConfigItem = "-" $ConfigObject.ConfigData = "None" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") $this.AddConfig($ConfigObject) } # Add config data for each connector ForEach($Connector in $Connectors) { # Construct config object $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$($Connector.Identity) If($SkipListRequired) { If($Connector.EFSkipLastIP) { $ConfigObject.ConfigItem = "Last IP" $ConfigObject.ConfigData = "Last IP" } ElseIf($Connector.EFSkipIPs.Count -gt 0) { $ConfigObject.ConfigItem = "Skip IPs" $ConfigObject.ConfigData = $Connector.EFSkipIPs } Else { $ConfigObject.ConfigItem = "Not Configured" $ConfigObject.ConfigData = "None" } # Determine that EF is set to a mode, no test mode, and no select users If(($Connector.EFSkipLastIp -eq $True -or $Connector.EFSkipIPs.Count -gt 0) -and $Connector.EFTestMode -eq $False -and $Connector.EFUsers.Count -eq 0) { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } If($Connector.EFTestMode) { $ConfigObject.ConfigItem += " (Test Mode)" } If($Connector.EFUsers.Count -gt 0) { $ConfigObject.ConfigItem += " (Select Users)" } } else { # Not required $ConfigObject.ConfigItem = "Not required" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } $this.AddConfig($ConfigObject) } } } # SIG # Begin signature block # MIIl7AYJKoZIhvcNAQcCoIIl3TCCJdkCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCBla9kOpgL7JueA # 0mQ0hPLQ+udB/ISPr0j9oUOKKMeeDKCCC6YwggULMIID86ADAgECAhMzAAAFwlgA # 087+f22BAAEAAAXCMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD # QSAyMDEwMB4XDTIzMDkyMTE4MTE0M1oXDTI0MDkxODE4MTE0M1owfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu # IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK # AoIBAQD5++3gGQURCZ5RFx3f6hxBcryv+l9JDcB/ue8Nf4lxtCZ3BYkCuFTxGzQs # lXh4SBgmfcoDr8X9mqmYlAhGlQn5WdhIlIjY7cyO+Jj9qH6ir7kKmqnxX5UMl2e8 # 1Xd78imtyJHeK3X/mReHaJItcbdObmRrJeq1cJm2qgiadjJK9aFPIGTd/2jgBIMc # G1LVd+lHU7fPU+wlvJshXoo7rj82PhSGoMqTN4s30oaUlIpKwhyn6eO7UIlD77Ez # NikN8J35LSlUGAWR7UW/qBrlVM9JURkIsAFfHUdZbsCu0wB3dHMBru+oDim+X/R9 # ko+B0F3Me40uod5i5D8m8HqIazstAgMBAAGjggGHMIIBgzAOBgNVHQ8BAf8EBAMC # B4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYEFJfRokzB8QH6nZ8MnJQI # ahPRxmYhMEUGA1UdEQQ+MDykOjA4MR4wHAYDVQQLExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xFjAUBgNVBAUTDTIzMDA3Mis1MDE1NjYwHwYDVR0jBBgwFoAUv2Wiq291 # o05FllcFzzmH9MAVHBwwXAYDVR0fBFUwUzBRoE+gTYZLaHR0cDovL3d3dy5taWNy # b3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIwVGVzdGluZyUyMFBDQSUy # MDIwMTAoMSkuY3JsMGkGCCsGAQUFBwEBBF0wWzBZBggrBgEFBQcwAoZNaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNyb3NvZnQlMjBUZXN0 # aW5nJTIwUENBJTIwMjAxMCgxKS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0B # AQsFAAOCAQEAMmCxC2x6fhzNJHnCk9zTlYQo0e/MzR5BHxJul6XfH7L2K+EOr+Wv # wiAvkkA47zgupON7XKs+NQFkTQAAw/tgzpZ95d2KyRUxbwfik44uLSqvgVNlSDSk # Ant8qiTj3+EhxYhcHQJwA4vz4Ow+rLIQOvPIHB0cOj1bJ/Z0olgCXfo/oORtXQe3 # 9M6dO7XvQ2i0SRvnfn95hodbpPWDmSvyHvZU5rHVLTBwyh9oTQ4v30P8eeAONxp6 # Sp6X7hLDy14Q0L4nfBeRFdf9M/DK6LjJ3bUWlYcqRpFwqMjAJQkW8RMtWuV8uSgD # PAR/tnqsaUFRAILpmfqPUwgXIVGT0/89iDCCBpMwggR7oAMCAQICEzMAAAAtNXpG # iMkHcdgAAAAAAC0wDQYJKoZIhvcNAQELBQAwgZAxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xOjA4BgNVBAMTMU1pY3Jvc29mdCBUZXN0aW5nIFJv # b3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMjAxMjEwMjA0MzIwWhcN # MzUwNjE3MjEwNDExWjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSMwIQYDVQQDExpNaWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMDCCASIwDQYJ # KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL88YIGrvuz/1xdj8qZC0RNinLAXzrpG # GnsiLlVzmlS5xtTRypj+d0cNjp3wXsz4VO/yzyrUYvGpNAoE18UFhvIQ9U3Tlghm # hdsCfRjc4nojp5opXa55GM8MY/Aa/4GpqUM/qQu5UfGzSDr8RC5fEcVWOv/KDs2I # CMH9x9X1Pu/qThtyiyO9RTeeH3DBp8m4IHPt82w9iyEFz3cS/qHcB+kNW3gJbDJV # EEfQN8jH9/pz/kY05FYWqDdkU9Y1+8OAto62hpGhENbBSvbjetQRCrLeLp4Ql+CB # rhJdiAFdzKTEKFKcYPAK5oivS+lXiuyjDzceKfZdIdPX2l0OyU7bjW0CAwEAAaOC # AfowggH2MA4GA1UdDwEB/wQEAwIBhjASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsG # AQQBgjcVAgQWBBTqn18zttBfnq3rLabBArtAOMvntTAdBgNVHQ4EFgQUv2Wiq291 # o05FllcFzzmH9MAVHBwwVAYDVR0gBE0wSzBJBgRVHSAAMEEwPwYIKwYBBQUHAgEW # M2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5 # Lmh0bTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAPBgNVHRMBAf8EBTADAQH/ # MB8GA1UdIwQYMBaAFKMBBH4wiDPruTGcyuuFdmf8ZbTRMFkGA1UdHwRSMFAwTqBM # oEqGSGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01p # Y1Rlc1Jvb0NlckF1dF8yMDEwLTA2LTE3LmNybDCBjQYIKwYBBQUHAQEEgYAwfjBN # BggrBgEFBQcwAoZBaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9N # aWNUZXNSb29DZXJBdXRfMjAxMC0wNi0xNy5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6 # Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDANBgkqhkiG9w0BAQsFAAOCAgEA # J7TQhbKezA+kKlNz1W3a1zEAyPb/Y8j2ARG1GJLa3LT5rybo/Ep5vcFnsIgDeWXP # NTUFWI7igwaW9bp+EllQm+Dw1T2dCfO7Rs2HvXTid9BGBnoiGmkrZCy5izmADOqC # JyKiMFciJNkhP6tpRrfDr8HGXrzZj5FWI5Op8iYuRHb0unIj0ZlvW0VkU+KVlPG2 # SEC/d/CxOJRzkAIsawEIlnrOUs6dlPORNJy3Wg6+cPyNvCf2dfuM1tTWqNaa1Qjq # q6LJ6DVH1X9ZL7MH1txWNpdT4gGKfLBsjuexms7V3QaBDgXAy3nX3D62vfjS3RBd # +jZBNIPvXW6JBWOysYVCfFqTIgpjeMo/SyhS70G3LRjCSWPRMBxYn5tqYGommnyh # dRss/ja7icxBIKcrDKP3/QFQUP6gnT0EBhFqd0AyGnn+LbPUE8fkZgyggQzExS4B # ZpoW7VGNCVoy5Cp+7KM/yyHA1JXv6eU4hQ+FYX2ZwHL2EB137rJZ8qfsroVswEpw # EDZziDun3NSRSMJA5HDPpP07KXwGo8x6KEgMF5Kzlq40Q1esCNGMzFR6xMkNIWeT # ZyF2y95a05Dj439zQbtZ2kjRGsknbkrQ2xVY1d016BDRJ2YroCSmEsJoc6GBzNZ4 # IqTeazXaiYiubpKehPCw84t5ef+13LSUGN/mYBwyaLIxghmcMIIZmAIBATCBkDB5 # MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk # bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSMwIQYDVQQDExpN # aWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMAITMwAABcJYANPO/n9tgQABAAAFwjAN # BglghkgBZQMEAgEFAKCBsDAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor # BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgBEh8mxoV # fG7nSFNhzTqufJnzoHueZyGETcO/Jqve1kgwRAYKKwYBBAGCNwIBDDE2MDSgFIAS # AE0AaQBjAHIAbwBzAG8AZgB0oRyAGmh0dHBzOi8vd3d3Lm1pY3Jvc29mdC5jb20g # MA0GCSqGSIb3DQEBAQUABIIBAAkF2PNtUxaYKp45yeAdlphNKppq3XWMlxnojITb # K8PK7cPnNbg2tE4cpZWeHrUa9pMcw19/U3Rxa0UIaHzec+HeFtmoWdzNvWfSExkf # KdVEbbkUcUQKgTUCiCLpN80XGG7ehJXvhlotxU3czvTjTKdNqwlVhQOhu0UWjhOK # Nij3RI3vrr4zP14XzYzNWTkLOyzdPJNvnWGcWxqo1jGR/G9Tc9n+PStGFMsuM7tF # 5UJsAsVo31NkJ84vk6asyDgwQhlEP8zBV+cStnA1TSrMP1UBihFuzc/8KX6qaMd8 # jg4/LaYMbMIy+nwch5TCN+1D7Lqj6W5cQCvoZY34RDO8bPehghcpMIIXJQYKKwYB # BAGCNwMDATGCFxUwghcRBgkqhkiG9w0BBwKgghcCMIIW/gIBAzEPMA0GCWCGSAFl # AwQCAQUAMIIBWQYLKoZIhvcNAQkQAQSgggFIBIIBRDCCAUACAQEGCisGAQQBhFkK # AwEwMTANBglghkgBZQMEAgEFAAQg6SWpD0l8j2XHYLnwq8qg/8jRRWy5WdJ0AgUs # yjP58pECBmVCre7GYRgTMjAyMzExMTYwMDExNTYuNzQ1WjAEgAIB9KCB2KSB1TCB # 0jELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMk # TWljcm9zb2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1U # aGFsZXMgVFNTIEVTTjoyQUQ0LTRCOTItRkEwMTElMCMGA1UEAxMcTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgU2VydmljZaCCEXgwggcnMIIFD6ADAgECAhMzAAAB3p5Inpaf # KEQ9AAEAAAHeMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQI # EwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv # ZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBD # QSAyMDEwMB4XDTIzMTAxMjE5MDcxMloXDTI1MDExMDE5MDcxMlowgdIxCzAJBgNV # BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w # HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jvc29m # dCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEmMCQGA1UECxMdVGhhbGVzIFRT # UyBFU046MkFENC00QjkyLUZBMDExJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0 # YW1wIFNlcnZpY2UwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC0gfQc # hfVCA4QOsRazp4sP8bA5fLEovazgjl0kjuFTEI5zRgKOVR8dIoozBDB/S2NklCAZ # FUEtDJepEfk2oJFD22hKcI4UNZqa4UYCU/45Up4nONlQwKNHp+CSOsZ16AKFqCsk # mPP0TiCnaaYYCOziW+Fx5NT97F9qTWd9iw2NZLXIStf4Vsj5W5WlwB0btBN8p78K # 0vP23KKwDTug47srMkvc1Jq/sNx9wBL0oLNkXri49qZAXH1tVDwhbnS3eyD2dkQu # KHUHBD52Ndo8qWD50usmQLNKS6atCkRVMgdcesejlO97LnYhzjdephNJeiy0/Tph # qNEveAcYNzf92hOn1G51aHplXOxZBS7pvCpGXG0O3Dh0gFhicXQr6OTrVLUXUqn/ # ORZJQlyCJIOLJu5zPU5LVFXztJKepMe5srIA9EK8cev+aGqp8Dk1izcyvgQotRu5 # 1A9abXrl70KfHxNSqU45xv9TiXnocCjTT4xrffFdAZqIGU3t0sQZDnjkMiwPvuR8 # oPy+vKXvg62aGT1yWhlP4gYhZi/rpfzot3fN8ywB5R0Jh/1RjQX0cD/osb6ocpPx # Hm8Ll1SWPq08n20X7ofZ9AGjIYTccYOrRismUuBABIg8axfZgGRMvHvK3+nZSiF+ # Xd2kC6PXw3WtWUzsPlwHAL49vzdwy1RmZR5x5QIDAQABo4IBSTCCAUUwHQYDVR0O # BBYEFGswJm8bHmmqYHccyvDrPp2j0BLIMB8GA1UdIwQYMBaAFJ+nFV0AXmJdg/Tl # 0mWnG1M1GelyMF8GA1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly93d3cubWljcm9zb2Z0 # LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAy # MDEwKDEpLmNybDBsBggrBgEFBQcBAQRgMF4wXAYIKwYBBQUHMAKGUGh0dHA6Ly93 # d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwVGltZS1T # dGFtcCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwFgYDVR0lAQH/ # BAwwCgYIKwYBBQUHAwgwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IC # AQDilMB7Fw2nBjr1CILORw4D7NC2dash0ugusHypS2g9+rWX21rdcfhjIms0rsvh # rMYlR85ITFvhaivIK7i0Fjf7Dgl/nxlIE/S09tXESKXGY+P2RSL8LZAXLAs9VxFL # F2DkiVD4rWOxPG25XZpoWGdvafl0KSHLBv6vmI5KgVvZsNK7tTH8TE0LPTEw4g9v # IAFRqzwNzcpIkgob3aku1V/vy3BM/VG87aP8NvFgPBzgh6gU2w0R5oj+zCI/kkJi # PVSGsmLCBkY73pZjWtDr21PQiUs/zXzBIH9jRzGVGFvCqlhIyIz3xyCsVpTTGIbl # n1kUh2QisiADQNGiS+LKB0Lc82djJzX42GPOdcB2IxoMFI/4ZS0YEDuUt9Gce/Bq # gSn8paduWjlif6j4Qvg1zNoF2oyF25fo6RnFQDcLRRbowiUXWW3h9UfkONRY4AYO # JtzkxQxqLeQ0rlZEII5Lu6TlT7ZXROOkJQ4P9loT6U0MVx+uLD9Rn5AMFLbeq62T # PzwsERuoIq2Jp00Sy7InAYaGC4fhBBY1b4lwBk5OqZ7vI8f+Fj1rtI7M+8hc4PNv # xTKgpPcCty78iwMgxzfhcWxwMbYMGne6C0DzNFhhEXQdbpjwiImLEn/4+/RKh3aD # cEGETlZvmV9dEV95+m0ZgJ7JHjYYtMJ1WnlaICzHRg/p6jCCB3EwggVZoAMCAQIC # EzMAAAAVxedrngKbSZkAAAAAABUwDQYJKoZIhvcNAQELBQAwgYgxCzAJBgNVBAYT # AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD # VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jvc29mdCBS # b290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTIxMDkzMDE4MjIyNVoX # DTMwMDkzMDE4MzIyNVowfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0 # b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh # dGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwggIi # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDk4aZM57RyIQt5osvXJHm9DtWC # 0/3unAcH0qlsTnXIyjVX9gF/bErg4r25PhdgM/9cT8dm95VTcVrifkpa/rg2Z4VG # Iwy1jRPPdzLAEBjoYH1qUoNEt6aORmsHFPPFdvWGUNzBRMhxXFExN6AKOG6N7dcP # 2CZTfDlhAnrEqv1yaa8dq6z2Nr41JmTamDu6GnszrYBbfowQHJ1S/rboYiXcag/P # XfT+jlPP1uyFVk3v3byNpOORj7I5LFGc6XBpDco2LXCOMcg1KL3jtIckw+DJj361 # VI/c+gVVmG1oO5pGve2krnopN6zL64NF50ZuyjLVwIYwXE8s4mKyzbnijYjklqwB # Sru+cakXW2dg3viSkR4dPf0gz3N9QZpGdc3EXzTdEonW/aUgfX782Z5F37ZyL9t9 # X4C626p+Nuw2TPYrbqgSUei/BQOj0XOmTTd0lBw0gg/wEPK3Rxjtp+iZfD9M269e # wvPV2HM9Q07BMzlMjgK8QmguEOqEUUbi0b1qGFphAXPKZ6Je1yh2AuIzGHLXpyDw # wvoSCtdjbwzJNmSLW6CmgyFdXzB0kZSU2LlQ+QuJYfM2BjUYhEfb3BvR/bLUHMVr # 9lxSUV0S2yW6r1AFemzFER1y7435UsSFF5PAPBXbGjfHCBUYP3irRbb1Hode2o+e # FnJpxq57t7c+auIurQIDAQABo4IB3TCCAdkwEgYJKwYBBAGCNxUBBAUCAwEAATAj # BgkrBgEEAYI3FQIEFgQUKqdS/mTEmr6CkTxGNSnPEP8vBO4wHQYDVR0OBBYEFJ+n # FV0AXmJdg/Tl0mWnG1M1GelyMFwGA1UdIARVMFMwUQYMKwYBBAGCN0yDfQEBMEEw # PwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9j # cy9SZXBvc2l0b3J5Lmh0bTATBgNVHSUEDDAKBggrBgEFBQcDCDAZBgkrBgEEAYI3 # FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAf # BgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvXzpoYxDBWBgNVHR8ETzBNMEugSaBH # hkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNS # b29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUF # BzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0Nl # ckF1dF8yMDEwLTA2LTIzLmNydDANBgkqhkiG9w0BAQsFAAOCAgEAnVV9/Cqt4Swf # ZwExJFvhnnJL/Klv6lwUtj5OR2R4sQaTlz0xM7U518JxNj/aZGx80HU5bbsPMeTC # j/ts0aGUGCLu6WZnOlNN3Zi6th542DYunKmCVgADsAW+iehp4LoJ7nvfam++Kctu # 2D9IdQHZGN5tggz1bSNU5HhTdSRXud2f8449xvNo32X2pFaq95W2KFUn0CS9QKC/ # GbYSEhFdPSfgQJY4rPf5KYnDvBewVIVCs/wMnosZiefwC2qBwoEZQhlSdYo2wh3D # YXMuLGt7bj8sCXgU6ZGyqVvfSaN0DLzskYDSPeZKPmY7T7uG+jIa2Zb0j/aRAfbO # xnT99kxybxCrdTDFNLB62FD+CljdQDzHVG2dY3RILLFORy3BFARxv2T5JL5zbcqO # Cb2zAVdJVGTZc9d/HltEAY5aGZFrDZ+kKNxnGSgkujhLmm77IVRrakURR6nxt67I # 6IleT53S0Ex2tVdUCbFpAUR+fKFhbHP+CrvsQWY9af3LwUFJfn6Tvsv4O+S3Fb+0 # zj6lMVGEvL8CwYKiexcdFYmNcP7ntdAoGokLjzbaukz5m/8K6TT4JDVnK+ANuOaM # mdbhIurwJ0I9JZTmdHRbatGePu1+oDEzfbzL6Xu/OHBE0ZDxyKs6ijoIYn/ZcGNT # TY3ugm2lBRDBcQZqELQdVTNYs6FwZvKhggLUMIICPQIBATCCAQChgdikgdUwgdIx # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1p # Y3Jvc29mdCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEmMCQGA1UECxMdVGhh # bGVzIFRTUyBFU046MkFENC00QjkyLUZBMDExJTAjBgNVBAMTHE1pY3Jvc29mdCBU # aW1lLVN0YW1wIFNlcnZpY2WiIwoBATAHBgUrDgMCGgMVAGigUorMuMvOqZfF8ttg # iWRMRNrzoIGDMIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0 # b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh # dGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwDQYJ # KoZIhvcNAQEFBQACBQDo/6BFMCIYDzIwMjMxMTE2MDM1MzQxWhgPMjAyMzExMTcw # MzUzNDFaMHQwOgYKKwYBBAGEWQoEATEsMCowCgIFAOj/oEUCAQAwBwIBAAICFpYw # BwIBAAICEWswCgIFAOkA8cUCAQAwNgYKKwYBBAGEWQoEAjEoMCYwDAYKKwYBBAGE # WQoDAqAKMAgCAQACAwehIKEKMAgCAQACAwGGoDANBgkqhkiG9w0BAQUFAAOBgQBF # 0KJRc2Iz1tcWd6ovt9Q5j0rGtXIdDta5ed1ejyfoSezMJXnoXIgtyfmzdgyvD6N4 # TqEbE2h5XovJzsmnInpJv+ikOfw9Se5AW5WnUwj107Lthew+sdDXWnCC2HQc2dkb # hlu0DHPr377UfZhHuQQmYaDOutMC4j4a6qxCfiabsTGCBA0wggQJAgEBMIGTMHwx # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1p # Y3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAB3p5InpafKEQ9AAEAAAHe # MA0GCWCGSAFlAwQCAQUAoIIBSjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQw # LwYJKoZIhvcNAQkEMSIEIDZ9oEKpZirBgoCuq/ZPaYZ9gf1aLtudEcfSHDWQQn9D # MIH6BgsqhkiG9w0BCRACLzGB6jCB5zCB5DCBvQQgjj4jnw3BXhAQSQJ/5gtzIK0+ # cP1Ns/NS2A+OB3N+HXswgZgwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0Eg # MjAxMAITMwAAAd6eSJ6WnyhEPQABAAAB3jAiBCCenvt5HVNfyJgyUC0UrVoiy47W # VyC9N0GLvPWoiNywWDANBgkqhkiG9w0BAQsFAASCAgB/nSR3ZkZR0+BOLKTT4bc7 # Rix4spNq8Pnmeqr6c71919n9TZAN/PuzrLI29DWmjHr+Ebr7Q5PxjbQsvsfRuzvb # 605YJCpomGZGFfyEh3OvFuxoPa9jhm5ICpnJmbawOaaJq2WQfj2Abo0F4bvO3wY9 # s9Bfga75lN8T27w26e9XZiPD16qBjeasVYuk8luWq6mKxU7hL7SmIa0+z7qmb1Ei # kxROOUjAI4VPB1dRRLs0fD3/GYXmOejz/R+xb8C3XEclanLqPVL1eon5/DNal/5x # cfXxYEd9Fjmw+dj9ywHq1zYf8W04rKU81nh46GCaMxD+OCwXF79jZNv4MYQV60S1 # sDkVw2AC6wxI8Vb5jSUuh0A7LVizznkw3UvEoBgrFJUAUU7lduWZHlToW/0t34kN # mXO34ocRAn9W3iMADtyZswMPQtnA7AY2bDtn9j3ALQhby2tadErgXBTqWMu/2TpT # l5vDwrPrONPLHmgs+B7A/1zLD73zx1tRaHIXmNAA8HGJLSHkTkLDADgf0GxkSMJs # ly+PGXJkn1fVKfrTn37iUlWWs6Z7aQIWm0pm0t1XqPDm68dfQywmS0unIJAOHQ/d # ZuJ+v6wRBTfkie7Nc1AIr0PZT884wRk6t+b4gZ6U15YYdAkbDRjTnNi8ngizgMtI # cKt1kzo2e4T2a0QTni8ofw== # SIG # End signature block |