Check: OL6-00-000249
Oracle Linux 6 STIG:
OL6-00-000249
(in versions v2 r7 through v1 r9)
Title
Mail relaying must be restricted. (Cat II impact)
Discussion
This ensures "postfix" accepts mail messages (such as cron job reports) from the local system only, and not from the network, which protects it from network attack.
Check Content
If the system is an authorized mail relay host, this is not applicable. Run the following command to ensure postfix accepts mail messages from only the local system: $ grep inet_interfaces /etc/postfix/main.cf If properly configured, the output should show only "localhost". If it does not, this is a finding.
Fix Text
Edit the file "/etc/postfix/main.cf" to ensure that only the following "inet_interfaces" line appears: inet_interfaces = localhost
Additional Identifiers
Rule ID: SV-208930r793716_rule
Vulnerability ID: V-208930
Group Title: SRG-OS-000096
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000382 |
The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |