cisagov / ScubaGear

Automation to assess the state of your M365 tenant against CISA's baselines
https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project
Creative Commons Zero v1.0 Universal
1.65k stars 221 forks source link

MS.EXO.4.3v1 Reporting Failure / No option for config file to use other point of contact. #1065

Open sgendron50 opened 6 months ago

sgendron50 commented 6 months ago

🐛 Summary

What's wrong? Please be specific.

Run script against a non-federal agency and it reports failure even though a DMARC point of contact is present in the DNS record. I looked for an option to override this within the config file, but I don't see an option.

Expected behavior

I expected that there would be an option to override this within the config file for when non-government agencies leverage ScubaGear.

Any helpful log output or screenshots

Add any screenshots of the problem here.

buidav commented 6 months ago

Thanks for opening an issue on this. Relates to #616 where the capability for users to ignore certain ScubaGear checks if they're not applicable to your organization will be added.