History
- Priority
- should
- Oct 2019
- Removed
- Security control 0561 was removed due to insufficient justification for its continued inclusion.
- Sep 2019
- Emails addressed to internal email aliases where the source address is from outside the domain are blocked at the email gateway.
- Mar 2019
- Emails addressed to internal email aliases where the source address is from outside the domain are blocked at the email gateway.
- Security control 0561 was reworded.
- Feb 2019
- All emails addressed to internal email aliases with source addresses located from outside the domain are blocked at the gateway.
- 2015
- Agencies must block at the gateway:• emails addressed to internal email aliases with source addresses located from outsidethe domain• all emails arriving via an external connection where the source address uses an internaldomain name.
- 2010
- Agencies should block:• inbound and outbound email, including any attachments, that contain either:– malicious code– content in conflict with the email policy– content that cannot be identified– encrypted content, when that content cannot be inspected for malicious code or authenticatedas originating from a trusted source• emails addressed to internal email aliases with source addresses located from outside the domain• all emails arriving via an external connection where the source address uses an internal domain name.
- 2008
- Agencies should block: a. inbound and outbound email, including any attachments, that contain: 1) malicious code 2) content in conflict with the agency’s email policy 3) content that cannot be identified 4) encrypted content, when that content cannot be inspected for malicious code or authenticated as originating from a trusted source b. emails addressed to internal email aliases with source addresses located from outside the domain c. all emails arriving via an external connection where the source address uses an internal agency domain name.