Xylok Security Suite must maintain the confidentiality and disable the use of SMTP.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-269585 | XYLK-20-000199 | SV-269585r1053530_rule | CCI-002420 | high |
| Description | ||||
| Disabling the use of SMTP within the Xylok Security Suite is a strategic decision aimed at enhancing security, ensuring compliance, and reducing operational risks. By eliminating the potential vulnerabilities associated with email communications, Xylok can better protect sensitive data and maintain a robust security posture. | ||||
| STIG | Date | |||
| Xylok Security Suite 20.x Security Technical Implementation Guide | 2024-12-13 | |||
Details
Check Text (C-269585r1053530_chk)
Verify USE_SMTP is configured by executing the following:
$ grep USE_SMTP /etc/xylok.conf
If "USE_SMTP" is not set to "False" or is missing, this is a finding.
Fix Text (F-73519r1053529_fix)
Set USE_SMTP:
1. As root, open /etc/xylok.conf in a text editor.
2. Add/Amend "USE_SMTP=False" to the configuration file.
3. Restart Xylok to apply settings by executing the following:
# systemctl restart xylok