SHELL/6.2.2.ps1
|
<#
.SYNOPSIS
    CIS Microsoft 365 Foundations Benchmark check 6.2.2: mail transport rules
    must not allow-list specific sender domains.

.DESCRIPTION
    Reads all transport rules with Get-TransportRule and flags every rule that
    sets the spam confidence level (SetSCL) to -1 and also has SenderDomainIs
    populated. An SCL of -1 makes matching mail skip spam filtering. Because
    the match is made on the sender's domain, mail that forges an allow-listed
    domain would skip it as well.

    Exactly one result object is written to the pipeline:
      PASS  - no rule matched.
      FAIL  - at least one rule matched. The Evidence property lists Name,
              SenderDomainIs and SetSCL for each one.
      ERROR - the rules could not be read. Pass is $null and Error carries
              the exception message.

.NOTES
    Scope caveats, from what this script actually inspects:
      * Only SenderDomainIs is tested. Rules that bypass filtering based on
        other conditions are not reported by this check.
      * Rule state is not inspected, so a disabled rule is reported as well.
      * Get-TransportRule must be available in the session (presumably an
        Exchange Online PowerShell connection - confirm against the runner).
#>

# Check metadata, repeated verbatim on every result object.
$CheckId = "6.2.2"
$Title = "Ensure mail transport rules do not whitelist specific domains"
$Level = "L1"
$BenchmarkType = "Automated"

# Shared by the success and error paths so both cite the same benchmark.
$SourceDocument = "CIS_Microsoft_365_Foundations_Benchmark_v6.0.1"
$FailureMessage = "One or more transport rules whitelist domains by setting SetSCL to -1 with SenderDomainIs populated."

# Predicate for a non-compliant rule: spam filtering bypassed (SCL -1) for a
# sender-domain match.
# NOTE(review): with $null on the right-hand side, a multi-valued
# SenderDomainIs is filtered element by element rather than null-tested, so an
# empty collection evaluates to false here. Keep this operand order unless
# that behaviour has been re-verified against real rule objects.
$IsDomainAllowListRule = {
    $_.SetSCL -eq -1 -and $_.SenderDomainIs -ne $null
}

try {
    # -ErrorAction Stop turns a failed query into a terminating error, so a
    # missing session or missing permission becomes ERROR, never a silent PASS.
    # @() guarantees an array, which keeps .Count valid for 0 or 1 matches.
    $NonCompliantRules = @(
        Get-TransportRule -ErrorAction Stop |
            Where-Object -FilterScript $IsDomainAllowListRule |
            Select-Object -Property Name, SenderDomainIs, SetSCL
    )

    $Pass = $NonCompliantRules.Count -eq 0
    if ($Pass) {
        $Status = "PASS"
        $ErrorText = $null
    }
    else {
        $Status = "FAIL"
        $ErrorText = $FailureMessage
    }

    # Evidence carries the offending rules so a reviewer can see which
    # domains are allow-listed without re-running the query.
    $Evidence = [pscustomobject]@{
        NonCompliantRuleCount = $NonCompliantRules.Count
        NonCompliantRules     = $NonCompliantRules
        SourceDocument        = $SourceDocument
    }

    [pscustomobject]@{
        CheckId       = $CheckId
        Title         = $Title
        Level         = $Level
        BenchmarkType = $BenchmarkType
        Status        = $Status
        Pass          = $Pass
        Evidence      = $Evidence
        Error         = $ErrorText
        Timestamp     = Get-Date
    }
}
catch {
    # The rules could not be evaluated. Pass stays $null (neither true nor
    # false) so consumers cannot mistake an unevaluated check for a pass.
    $FailureEvidence = [pscustomobject]@{
        SourceDocument = $SourceDocument
    }

    [pscustomobject]@{
        CheckId       = $CheckId
        Title         = $Title
        Level         = $Level
        BenchmarkType = $BenchmarkType
        Status        = "ERROR"
        Pass          = $null
        Evidence      = $FailureEvidence
        Error         = $_.Exception.Message
        Timestamp     = Get-Date
    }
}