Xylok Security Suite must maintain the confidentiality and disable the use of SMTP.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| high | V-269585 | SRG-APP-000441 | XYLK-20-000199 | SV-269585r1053530_rule | 2024-12-13 | 1 |
| Description |
|---|
| Disabling the use of SMTP within the Xylok Security Suite is a strategic decision aimed at enhancing security, ensuring compliance, and reducing operational risks. By eliminating the potential vulnerabilities associated with email communications, Xylok can better protect sensitive data and maintain a robust security posture. |
| ℹ️ Check |
|---|
| Verify USE_SMTP is configured by executing the following: $ grep USE_SMTP /etc/xylok.conf If "USE_SMTP" is not set to "False" or is missing, this is a finding. |
| ✔️ Fix |
|---|
| Set USE_SMTP: 1. As root, open /etc/xylok.conf in a text editor. 2. Add/Amend "USE_SMTP=False" to the configuration file. 3. Restart Xylok to apply settings by executing the following: # systemctl restart xylok |