Back

Configure the “dovecot” service to organizational standards.


CONTROL ID
04990
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Disable all unnecessary services unless otherwise noted in a policy exception., CC ID: 00880

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Ensure IMAP and POP3 server is not installed Description: `dovecot` is an open source IMAP and POP3 server for Linux based systems. Rationale: Unless POP3 and/or IMAP servers are to be provided by this system, it is recommended that the package be removed to reduce the potential attack surface. _Not… (2.2.10, CIS Amazon Linux 2 Benchmark, v.2.0.0, Level 1)
  • Ensure IMAP and POP3 server is not installed Description: `dovecot` is an open source IMAP and POP3 server for Linux based systems. Rationale: Unless POP3 and/or IMAP servers are to be provided by this system, it is recommended that the package be removed to reduce the potential attack surface. _Not… (2.2.10, CIS Amazon Linux 2 Benchmark, v.2.0.0, Level 2)
  • Title: Remove Dovecot (IMAP and POP3 services) Description: Dovecot is an open source IMAP and POP3 server for Linux based systems. Rationale: Unless POP3 and/or IMAP servers are to be provided to this server, it is recommended that the service be deleted to reduce the potential attack surface. … (Rule: xccdf_org.cisecurity.benchmarks_rule_3.12_Remove_Dovecot_IMAP_and_POP3_services Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_3.12.1_services.dovecot, The Center for Internet Security CentOS 6 Level 1 Benchmark, 1.0.0)
  • Title: Remove Dovecot (IMAP and POP3 services) Description: Dovecot is an open source IMAP and POP3 server for Linux based systems. Rationale: Unless POP3 and/or IMAP servers are to be provided to this server, it is recommended that the service be deleted to reduce the potential attack surface… (Rule:xccdf_org.cisecurity.benchmarks_rule_3.12_Remove_Dovecot_IMAP_and_POP3_services Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_3.12.1_services.dovecot, The Center for Internet Security Red Hat Enterprise Linux 6 Level 1 Benchmark, 1.2.0)
  • Title: Remove Dovecot (IMAP and POP3 services) Description: Dovecot is an open source IMAP and POP3 server for Linux based systems. Rationale: Unless POP3 and/or IMAP servers are to be provided to this server, it is recommended that the service be deleted to reduce the potential attack surface… (Rule:xccdf_org.cisecurity.benchmarks_rule_3.12_Remove_Dovecot_IMAP_and_POP3_services Artifact Expression:xccdf_org.cisecurity.benchmarks_ae_3.12.1_services.dovecot, The Center for Internet Security Red Hat Enterprise Linux 6 Level 2 Benchmark, 1.2.0)
  • Title: Ensure IMAP and POP server is not enabled Description: Dovecot is an open source IMAP and POP3 server for Linux based systems. Rationale: Unless POP3 and/or IMAP servers are to be provided to this server, it is recommended that the service be deleted to reduce the potential attack… (Rule: xccdf_org.cisecurity.benchmarks_rule_6.11_Ensure_IMAP_and_POP_server_is_not_enabled Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_6.11.1_, The Center for Internet Security Ubuntu 12.04 LTS Level 1 Benchmark, v1.0.0)
  • Title: Ensure IMAP and POP server is not enabled Description: Dovecot is an open source IMAP and POP3 server for Linux based systems. Rationale: Unless POP3 and/or IMAP servers are to be provided to this server, it is recommended that the service be deleted to reduce the potential attack… (Rule: xccdf_org.cisecurity.benchmarks_rule_6.11_Ensure_IMAP_and_POP_server_is_not_enabled Artifact Expression: xccdf_org.cisecurity.benchmarks_ae_6.11.1_, The Center for Internet Security Ubuntu 12.04 LTS Level 2 Benchmark, v1.0.0)
  • Ensure IMAP and POP3 server is not enabled Description: `dovecot` is an open source IMAP and POP3 server for Linux based systems. Rationale: Unless POP3 and/or IMAP servers are to be provided by this system, it is recommended that the service be deleted to reduce the potential attack surface. Remedi… (2.2.8, CIS Oracle Linux 8 Benchmark, Server Level 1, v1.0.1)
  • Ensure IMAP and POP3 server is not enabled Description: `dovecot` is an open source IMAP and POP3 server for Linux based systems. Rationale: Unless POP3 and/or IMAP servers are to be provided by this system, it is recommended that the service be deleted to reduce the potential attack surface. Remedi… (2.2.8, CIS Oracle Linux 8 Benchmark, Server Level 2, v1.0.1)
  • The dovecot service should be enabled or disabled as appropriate. Technical Mechanisms: via chkconfig Parameters: enabled / disabled References: Section: 3.17.1, Value: disabled CCE-U-203 (CCE-3847-1, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 5, 5.20130214)
  • The dovecot package should be installed or uninstalled as appropriate. Technical Mechanisms: via yum Parameters: installed / uninstalled References: Section: 3.17.1, Value: uninstalled (CCE-4239-0, Common Configuration Enumeration List, Combined XML: Red Hat Enterprise Linux 5, 5.20130214)