Title

Digital signatures must be allowed. (Cat II impact)

Discussion

Outlook users can create and use signatures in e-mail messages. Users can add signatures to messages manually, and can also configure Outlook to automatically append signatures to new messages, to replies and forwards, or to all three. Signatures typically include details such as the user's name, title, phone numbers, and office location. If your organization has policies that govern the distribution of this kind of information, using signatures might cause some users to inadvertently violate these policies. Satisfies: SRG-APP-000514, SRG-APP-000555, SRG-APP-000625, SRG-APP-000630, SRG-APP-000635, SRG-APP-000416

Check Content

The policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010-> Outlook Options -> Mail format "Do not allow signatures for e-mail messages" must be set to "Disabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\14.0\common\mailsettings Criteria: If the value DisableSignatures is REG_DWORD = 0, this is not a finding.

Fix Text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010-> Outlook Options -> Mail format "Do not allow signatures for e-mail messages" to "Disabled".

Additional Identifiers

Rule ID: SV-242046r961857_rule

Vulnerability ID: V-242046

Group Title: SRG-APP-000514

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.