Navigate

Check: RHEL-06-000249

Red Hat Enterprise Linux 6 STIG: RHEL-06-000249 (in versions v2 r2 through v1 r14)

Title

Mail relaying must be restricted. (Cat II impact)

Discussion

This ensures "postfix" accepts mail messages (such as cron job reports) from the local system only, and not from the network, which protects it from network attack.

Check Content

If the system is an authorized mail relay host, this is not applicable. Run the following command to ensure postfix accepts mail messages from only the local system: $ grep inet_interfaces /etc/postfix/main.cf If properly configured, the output should show only "localhost". If it does not, this is a finding.

Fix Text

Edit the file "/etc/postfix/main.cf" to ensure that only the following "inet_interfaces" line appears: inet_interfaces = localhost

Additional Identifiers

Rule ID: SV-218009r603264_rule

Vulnerability ID: V-218009

Group Title: SRG-OS-000096

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000382	The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-7	Least Functionality