Checks/check-ORCA233_1.ps1
|
<#
233_1 - Check EF is turned on where MX not set to ATP #> using module "..\ORCA.psm1" class ORCA233_1 : ORCACheck { <# CONSTRUCTOR with Check Header Data #> ORCA233_1() { $this.Control="233_1" $this.Area="Connectors" $this.Name="Enhanced Filtering Configuration" $this.PassText="Domains are pointed directly at EOP or enhanced filtering is configured on all default connectors" $this.FailRecommendation="Configure enhanced filtering on connectors when email path is not direct to EOP" $this.Importance="Exchange Online Protection (EOP) and Advanced Threat Protection (ATP) works best when the mail exchange (MX) record is pointed directly at the service. <p>In the event another third-party service is being used, a very important signal (the senders IP address) is obfuscated and hidden from EOP & ATP, generating a larger quantity of false positives and false negatives. By configuring Enhanced Filtering with the IP addresses of these services the true senders IP address can be discovered, reducing the false-positive and false-negative impact.</p>" $this.ExpandResults=$True $this.CheckType=[CheckType]::ObjectPropertyValue $this.ObjectType="Connector" $this.ItemName="EF Mode" $this.DataType="SkipListed IPs" $this.Links= @{ "Security & Compliance Center - Enhanced Filtering"="https://aka.ms/orca-connectors-action-skiplisting" "Enhanced Filtering for Connectors"="https://aka.ms/orca-connectors-docs-1" } } <# RESULTS #> GetResults($Config) { $Connectors = @() # Analyze connectors ForEach($Connector in $($Config["InboundConnector"] | Where-Object {$_.Enabled})) { # Set regex options for later match $options = [Text.RegularExpressions.RegexOptions]::IgnoreCase ForEach($senderdomain in $Connector.SenderDomains) { # Perform match on sender domain $match = [regex]::Match($senderdomain,"^smtp:\*;(\d*)$",$options) if($match.success) { # Positive match $Connectors += New-Object -TypeName PSObject -Property @{ Identity=$Connector.Identity Priority=$($match.Groups[1].Value) TlsSenderCertificateName=$Connector.TlsSenderCertificateName EFTestMode=$Connector.EFTestMode EFSkipLastIP=$Connector.EFSkipLastIP EFSkipIPs=$Connector.EFSkipIPs EFSkipMailGateway=$Connector.EFSkipMailGateway EFUsers=$Connector.EFUsers } } } } # Determine if skip listing is required $SkipListRequired = $False $NonEOPRecords = @($Config["MXReports"] | Where-Object {$_.PointsToService -eq $False}) If($NonEOPRecords.Count -gt 0) { $SkipListRequired = $True } If($Connector.Count -eq 0 -and $SkipListRequired) { # No connectors so we should fail $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object="No Connectors" $ConfigObject.ConfigItem = "-" $ConfigObject.ConfigData = "None" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") $this.AddConfig($ConfigObject) } # Add config data for each connector ForEach($Connector in $Connectors) { # Construct config object $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$($Connector.Identity) If($SkipListRequired) { If($Connector.EFSkipLastIP) { $ConfigObject.ConfigItem = "Last IP" $ConfigObject.ConfigData = "Last IP" } ElseIf($Connector.EFSkipIPs.Count -gt 0) { $ConfigObject.ConfigItem = "Skip IPs" $ConfigObject.ConfigData = $Connector.EFSkipIPs } Else { $ConfigObject.ConfigItem = "Not Configured" $ConfigObject.ConfigData = "None" } # Determine that EF is set to a mode, no test mode, and no select users If(($Connector.EFSkipLastIp -eq $True -or $Connector.EFSkipIPs.Count -gt 0) -and $Connector.EFTestMode -eq $False -and $Connector.EFUsers.Count -eq 0) { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } If($Connector.EFTestMode) { $ConfigObject.ConfigItem += " (Test Mode)" } If($Connector.EFUsers.Count -gt 0) { $ConfigObject.ConfigItem += " (Select Users)" } } else { # Not required $ConfigObject.ConfigItem = "Not required" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } $this.AddConfig($ConfigObject) } } } # SIG # Begin signature block # MIIlvwYJKoZIhvcNAQcCoIIlsDCCJawCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCBXQIX/AIYRJO1D # fkMpkEKQh+fhk6rmuYU/VjYVWoVyaKCCC6UwggUKMIID8qADAgECAhMzAAAFOerE # zyAjdtJfAAEAAAU5MA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD # QSAyMDEwMB4XDTIyMDUwNTIwMDgwMFoXDTIzMDUwNDIwMDgwMFowfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu # IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK # AoIBAQCbG5wszQxPSAu4WUO6mrT0Ah7aLQY35Uu8h8eWEeaYgdyqjUlUs2hVwSQd # 8fAl2IAe++y448He+r+NzsC6vwc2iPWRF2Tjl29EGOp/Kn6Okj15/anyvlQ+7On9 # GMjDTsLDBUD6yCSCZBygPxiktkFH8CnKIZ2xCD2OUUkRoGofo+0t8COCoaiqVQzT # kQDV5ET45Gliz8etzWN9Ho2AHC4hwQZz0T/zNLUvGivqS/8ns/tsqigDNIxgT9Iy # Mm4hXjuIvjx7fzQkVyMY6ORRPZ0fJzH+ZyMCmr9QtKs6Tv0Uva4oaNPggLVnVKrJ # qwcr7oytd5sN7vqADBqtbUOIt0CNAgMBAAGjggGGMIIBgjATBgNVHSUEDDAKBggr # BgEFBQcDAzAdBgNVHQ4EFgQUx1nHx7dJRksCcK4WcH1JCzbr3TowVAYDVR0RBE0w # S6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJhdGlvbnMgTGlt # aXRlZDEWMBQGA1UEBRMNMjMwMDcyKzQ3MDA0NjAfBgNVHSMEGDAWgBS/ZaKrb3Wj # TkWWVwXPOYf0wBUcHDBcBgNVHR8EVTBTMFGgT6BNhktodHRwOi8vd3d3Lm1pY3Jv # c29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBUZXN0aW5nJTIwUENBJTIw # MjAxMCgxKS5jcmwwaQYIKwYBBQUHAQEEXTBbMFkGCCsGAQUFBzAChk1odHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRlc3Rp # bmclMjBQQ0ElMjAyMDEwKDEpLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEB # CwUAA4IBAQC8sVhFQnjzIfS8M/D1b4gViIvun2AjNFcx2seZJj09JzZud5f0nyue # O3aTdvC1uEdRh2h1SZD1aYTQ40KMQ6EO44bBHof26HywDQW0rKmOOiz57LGqYplJ # F39VbSohdBCogcqKa0WjEc4XGNha2MO8idELZ3A3glSTZhx2xfhGB0mLFNIwBhya # snymRDDFyDNaznN1ZpsQ/Lq6We5c7aSH8+20JlcjZXUbRfB+kJ7hpevvPQLUxp/7 # hVM3YDD1Z5sbOkbAZXZKTuk+sn0zgoQwPRTFJUhF0WTACFviMvjBNwlg/+BQRlWH # kc9wBRU1HSNqcHIdZFmJWNIkUYmyQHYjMIIGkzCCBHugAwIBAgITMwAAAC01ekaI # yQdx2AAAAAAALTANBgkqhkiG9w0BAQsFADCBkDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjE6MDgGA1UEAxMxTWljcm9zb2Z0IFRlc3RpbmcgUm9v # dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0yMDEyMTAyMDQzMjBaFw0z # NTA2MTcyMTA0MTFaMHkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u # MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRp # b24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBDQSAyMDEwMIIBIjANBgkq # hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzxggau+7P/XF2PypkLRE2KcsBfOukYa # eyIuVXOaVLnG1NHKmP53Rw2OnfBezPhU7/LPKtRi8ak0CgTXxQWG8hD1TdOWCGaF # 2wJ9GNzieiOnmildrnkYzwxj8Br/gampQz+pC7lR8bNIOvxELl8RxVY6/8oOzYgI # wf3H1fU+7+pOG3KLI71FN54fcMGnybggc+3zbD2LIQXPdxL+odwH6Q1beAlsMlUQ # R9A3yMf3+nP+RjTkVhaoN2RT1jX7w4C2jraGkaEQ1sFK9uN61BEKst4unhCX4IGu # El2IAV3MpMQoUpxg8ArmiK9L6VeK7KMPNx4p9l0h09faXQ7JTtuNbQIDAQABo4IB # +jCCAfYwDgYDVR0PAQH/BAQDAgGGMBIGCSsGAQQBgjcVAQQFAgMBAAEwIwYJKwYB # BAGCNxUCBBYEFOqfXzO20F+erestpsECu0A4y+e1MB0GA1UdDgQWBBS/ZaKrb3Wj # TkWWVwXPOYf0wBUcHDBUBgNVHSAETTBLMEkGBFUdIAAwQTA/BggrBgEFBQcCARYz # aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnku # aHRtMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMA8GA1UdEwEB/wQFMAMBAf8w # HwYDVR0jBBgwFoAUowEEfjCIM+u5MZzK64V2Z/xltNEwWQYDVR0fBFIwUDBOoEyg # SoZIaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWlj # VGVzUm9vQ2VyQXV0XzIwMTAtMDYtMTcuY3JsMIGNBggrBgEFBQcBAQSBgDB+ME0G # CCsGAQUFBzAChkFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01p # Y1Rlc1Jvb0NlckF1dF8yMDEwLTA2LTE3LmNydDAtBggrBgEFBQcwAYYhaHR0cDov # L29uZW9jc3AubWljcm9zb2Z0LmNvbS9vY3NwMA0GCSqGSIb3DQEBCwUAA4ICAQAn # tNCFsp7MD6QqU3PVbdrXMQDI9v9jyPYBEbUYktrctPmvJuj8Snm9wWewiAN5Zc81 # NQVYjuKDBpb1un4SWVCb4PDVPZ0J87tGzYe9dOJ30EYGeiIaaStkLLmLOYAM6oIn # IqIwVyIk2SE/q2lGt8OvwcZevNmPkVYjk6nyJi5EdvS6ciPRmW9bRWRT4pWU8bZI # QL938LE4lHOQAixrAQiWes5Szp2U85E0nLdaDr5w/I28J/Z1+4zW1Nao1prVCOqr # osnoNUfVf1kvswfW3FY2l1PiAYp8sGyO57GaztXdBoEOBcDLedfcPra9+NLdEF36 # NkE0g+9dbokFY7KxhUJ8WpMiCmN4yj9LKFLvQbctGMJJY9EwHFifm2pgaiaafKF1 # Gyz+NruJzEEgpysMo/f9AVBQ/qCdPQQGEWp3QDIaef4ts9QTx+RmDKCBDMTFLgFm # mhbtUY0JWjLkKn7soz/LIcDUle/p5TiFD4VhfZnAcvYQHXfuslnyp+yuhWzASnAQ # NnOIO6fc1JFIwkDkcM+k/TspfAajzHooSAwXkrOWrjRDV6wI0YzMVHrEyQ0hZ5Nn # IXbL3lrTkOPjf3NBu1naSNEaySduStDbFVjV3TXoENEnZiugJKYSwmhzoYHM1ngi # pN5rNdqJiK5ukp6E8LDzi3l5/7XctJQY3+ZgHDJosjGCGXAwghlsAgEBMIGQMHkx # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1p # Y3Jvc29mdCBUZXN0aW5nIFBDQSAyMDEwAhMzAAAFOerEzyAjdtJfAAEAAAU5MA0G # CWCGSAFlAwQCAQUAoIGwMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEEMBwGCisG # AQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJBDEiBCBuGblo4Z3R # n3lkmpcbdhuc+g73YJ5fnfrPFPENnYQAhTBEBgorBgEEAYI3AgEMMTYwNKAUgBIA # TQBpAGMAcgBvAHMAbwBmAHShHIAaaHR0cHM6Ly93d3cubWljcm9zb2Z0LmNvbSAw # DQYJKoZIhvcNAQEBBQAEggEAd1R+2FJVdbbgHjW9IfBWWLTS2Ygi6D+vyqs4kwiU # oqgxR+GFx587yMC0GwVdczbLsj0y2lfuv1k1ayA9Sl710rkcWHw0ws5fXfUJt80N # C6EmUOVH5uhtn4cN9HHs2G+hx3eqGIGXZstJlX9MOLB9g0TREA+q/Rn+WuJD/mQ+ # +DF0KgndGvIOQmQGmVbNM0KDYIFhQ1MNUcZFr8F7FjWOuCqaqoqaizUqh6QcbgCj # hVySBNZB8Cr4UF3RXCOOT0ySqWZGe+PPxahPNhTStHjVhSNwCSlBVVFgtVmdyGgT # 5sZZiwWYPSqXZskDKj8V2fcqubLsVfANyJiaR/TCMEXg+KGCFv0wghb5BgorBgEE # AYI3AwMBMYIW6TCCFuUGCSqGSIb3DQEHAqCCFtYwghbSAgEDMQ8wDQYJYIZIAWUD # BAIBBQAwggFRBgsqhkiG9w0BCRABBKCCAUAEggE8MIIBOAIBAQYKKwYBBAGEWQoD # ATAxMA0GCWCGSAFlAwQCAQUABCDprRTN07ZiqIKj5PpJD/wlejET45EQz2wnoNGO # iPQMQQIGY+5jXaUJGBMyMDIzMDMwMjA1NDU0MS4yMjlaMASAAgH0oIHQpIHNMIHK # MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk # bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxN # aWNyb3NvZnQgQW1lcmljYSBPcGVyYXRpb25zMSYwJAYDVQQLEx1UaGFsZXMgVFNT # IEVTTjpFNUE2LUUyN0MtNTkyRTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3Rh # bXAgU2VydmljZaCCEVQwggcMMIIE9KADAgECAhMzAAABvvQgou6W1iDWAAEAAAG+ # MA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n # dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMB4X # DTIyMTEwNDE5MDEyMloXDTI0MDIwMjE5MDEyMlowgcoxCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVyaWNh # IE9wZXJhdGlvbnMxJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNOOkU1QTYtRTI3Qy01 # OTJFMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNlMIICIjAN # BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApV/y2z7Da7nMu0tykLY8olh7Z03E # qFNz3iFlMp9gOfVmZABmheCc87RuPdQ2P+OHUJiqCQAWNuNSoI/Q1ixEw9AA657l # dD8Z3/EktpmxKHHavOhwQSFPcpTGFVXIxKCwoO824giyHPG84dfhdi6WU7f7D+85 # LaPB0dOsPHKKMGlC9p66Lv9yQzvAhZGFmFhlusCy/egrz6JX/OHOT9qCwughrL0I # Pf47ULe1pQSEEihy438JwS+rZU4AVyvQczlMC26XsTuDPgEQKlzx9ru7EvNV99l/ # KCU9bbFf5SnkN1moUgKUq09NWlKxzLGEvhke2QNMopn86Jh1fl/PVevN/xrZSpV2 # 3rM4lB7lh7XSsCPeFslTYojKN2ioOC6p3By7kEmvZCh6rAsPKsARJISdzKQCMq+m # qDuiP6mr/LvuWKinP+2ZGmK/C1/skvlTjtIehu50yoXNDlh1CN9B3QLglQY+UCBE # qJog/BxAn3pWdR01o/66XIacgXI/d0wG2/x0OtbjEGAkacfQlmw0bDc02dhQFki/ # 1Q9Vbwh4kC7VgAiJA8bC5zEIYWHNU7C+He69B4/2dZpRjgd5pEpHbF9OYiAf7s5M # nYEnHN/5o/bGO0ajAb7VI4f9av62sC6xvhKTB5R4lhxEMWF0z4v7BQ5CHyMNkL+o # TnzJLqnLVdXnuM0CAwEAAaOCATYwggEyMB0GA1UdDgQWBBTrKiAWoYRBoPGtbwvb # hhX6a2+iqjAfBgNVHSMEGDAWgBSfpxVdAF5iXYP05dJlpxtTNRnpcjBfBgNVHR8E # WDBWMFSgUqBQhk5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9N # aWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIwMjAxMCgxKS5jcmwwbAYIKwYB # BQUHAQEEYDBeMFwGCCsGAQUFBzAChlBodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20v # cGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEw # KDEpLmNydDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMIMA0GCSqG # SIb3DQEBCwUAA4ICAQDHlfu9c0ImhdBis1yj56bBvOSyGpC/rSSty+1F49Tf6fmF # EeqxhwTTHVHOeIRNd8gcDLSz0d79mXCqq8ynq6gJgy2u4LyyAr2LmwzFVuuxoGVR # 8YuUnRtvsDH5J+unye/nMkwHiC+G82h3uQ8fcGj+2H0nKPmUpUtfQruMUXvzLjV5 # NyRjDiCL5c/f5ecmz01dnpnCvE6kIz/FTpkvOeVJk22I2akFZhPz24D6OT6KkTtw # BRpSEHDYqCQ4cZ+7SXx7jzzd7b+0p9vDboqCy7SwWgKpGQG+wVbKrTm4hKkZDzcd # AEgYqehXz78G00mYILiDTyUikwQpoZ7am9pA6BdTPY+o1v6CRzcneIOnJYanHWz0 # R+KER/ZRFtLCyBMvLzSHEn0sR0+0kLklncKjGdA1YA42zOb611UeIGytZ9VhNwn4 # ws5GJ6n6PJmMPO+yPEkOy2f8OBiuhaqlipiWhzGtt5UsC0geG0sW9qwa4QAW1sQW # IrhSl24MOOVwNl/Am9/ZqvLRWr1x4nupeR8G7+DNyn4MTg28yFZRU1ktSvyBMUSv # N2K99BO6p1gSx/wvSsR45dG33PDG5fKqHOgDxctjBU5bX49eJqjNL7S/UndLF7S0 # OWL9mdk/jPVHP2I6XtN0K4VjdRwvIgr3jNib3GZyGJnORp/ZMbY2Dv1mKcx7dTCC # B3EwggVZoAMCAQICEzMAAAAVxedrngKbSZkAAAAAABUwDQYJKoZIhvcNAQELBQAw # gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMT # KU1pY3Jvc29mdCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDEwMB4XDTIx # MDkzMDE4MjIyNVoXDTMwMDkzMDE4MzIyNVowfDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAg # UENBIDIwMTAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDk4aZM57Ry # IQt5osvXJHm9DtWC0/3unAcH0qlsTnXIyjVX9gF/bErg4r25PhdgM/9cT8dm95VT # cVrifkpa/rg2Z4VGIwy1jRPPdzLAEBjoYH1qUoNEt6aORmsHFPPFdvWGUNzBRMhx # XFExN6AKOG6N7dcP2CZTfDlhAnrEqv1yaa8dq6z2Nr41JmTamDu6GnszrYBbfowQ # HJ1S/rboYiXcag/PXfT+jlPP1uyFVk3v3byNpOORj7I5LFGc6XBpDco2LXCOMcg1 # KL3jtIckw+DJj361VI/c+gVVmG1oO5pGve2krnopN6zL64NF50ZuyjLVwIYwXE8s # 4mKyzbnijYjklqwBSru+cakXW2dg3viSkR4dPf0gz3N9QZpGdc3EXzTdEonW/aUg # fX782Z5F37ZyL9t9X4C626p+Nuw2TPYrbqgSUei/BQOj0XOmTTd0lBw0gg/wEPK3 # Rxjtp+iZfD9M269ewvPV2HM9Q07BMzlMjgK8QmguEOqEUUbi0b1qGFphAXPKZ6Je # 1yh2AuIzGHLXpyDwwvoSCtdjbwzJNmSLW6CmgyFdXzB0kZSU2LlQ+QuJYfM2BjUY # hEfb3BvR/bLUHMVr9lxSUV0S2yW6r1AFemzFER1y7435UsSFF5PAPBXbGjfHCBUY # P3irRbb1Hode2o+eFnJpxq57t7c+auIurQIDAQABo4IB3TCCAdkwEgYJKwYBBAGC # NxUBBAUCAwEAATAjBgkrBgEEAYI3FQIEFgQUKqdS/mTEmr6CkTxGNSnPEP8vBO4w # HQYDVR0OBBYEFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMFwGA1UdIARVMFMwUQYMKwYB # BAGCN0yDfQEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNv # bS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5Lmh0bTATBgNVHSUEDDAKBggrBgEFBQcD # CDAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0T # AQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvXzpoYxDBWBgNV # HR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9w # cm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYIKwYBBQUHAQEE # TjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2Nl # cnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDANBgkqhkiG9w0BAQsFAAOC # AgEAnVV9/Cqt4SwfZwExJFvhnnJL/Klv6lwUtj5OR2R4sQaTlz0xM7U518JxNj/a # ZGx80HU5bbsPMeTCj/ts0aGUGCLu6WZnOlNN3Zi6th542DYunKmCVgADsAW+iehp # 4LoJ7nvfam++Kctu2D9IdQHZGN5tggz1bSNU5HhTdSRXud2f8449xvNo32X2pFaq # 95W2KFUn0CS9QKC/GbYSEhFdPSfgQJY4rPf5KYnDvBewVIVCs/wMnosZiefwC2qB # woEZQhlSdYo2wh3DYXMuLGt7bj8sCXgU6ZGyqVvfSaN0DLzskYDSPeZKPmY7T7uG # +jIa2Zb0j/aRAfbOxnT99kxybxCrdTDFNLB62FD+CljdQDzHVG2dY3RILLFORy3B # FARxv2T5JL5zbcqOCb2zAVdJVGTZc9d/HltEAY5aGZFrDZ+kKNxnGSgkujhLmm77 # IVRrakURR6nxt67I6IleT53S0Ex2tVdUCbFpAUR+fKFhbHP+CrvsQWY9af3LwUFJ # fn6Tvsv4O+S3Fb+0zj6lMVGEvL8CwYKiexcdFYmNcP7ntdAoGokLjzbaukz5m/8K # 6TT4JDVnK+ANuOaMmdbhIurwJ0I9JZTmdHRbatGePu1+oDEzfbzL6Xu/OHBE0ZDx # yKs6ijoIYn/ZcGNTTY3ugm2lBRDBcQZqELQdVTNYs6FwZvKhggLLMIICNAIBATCB # +KGB0KSBzTCByjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO # BgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEl # MCMGA1UECxMcTWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEmMCQGA1UECxMd # VGhhbGVzIFRTUyBFU046RTVBNi1FMjdDLTU5MkUxJTAjBgNVBAMTHE1pY3Jvc29m # dCBUaW1lLVN0YW1wIFNlcnZpY2WiIwoBATAHBgUrDgMCGgMVAGitWlL3vPu8ENOA # e+i2+4wfTMB7oIGDMIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp # bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw # b3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAw # DQYJKoZIhvcNAQEFBQACBQDnqq0TMCIYDzIwMjMwMzAyMTMwNTIzWhgPMjAyMzAz # MDMxMzA1MjNaMHQwOgYKKwYBBAGEWQoEATEsMCowCgIFAOeqrRMCAQAwBwIBAAIC # GOowBwIBAAICEdIwCgIFAOer/pMCAQAwNgYKKwYBBAGEWQoEAjEoMCYwDAYKKwYB # BAGEWQoDAqAKMAgCAQACAwehIKEKMAgCAQACAwGGoDANBgkqhkiG9w0BAQUFAAOB # gQBbT6GfcLc3qWUHN/V/LqAGLu/7qVlz9xRhQQIP3dBdZ9a+ItQH+ggam6nZhWE6 # PaMJhqcfg0EtCMpXVpLJpec/FsuuW8CI5CnC2X4KUTZW12SKmpMd1rl7OA5CZLxv # tEw3FLCRSTEWRdrG5pMW65apbC/QsC4xOYdelUsZgQVbdDGCBA0wggQJAgEBMIGT # MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMT # HU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAABvvQgou6W1iDWAAEA # AAG+MA0GCWCGSAFlAwQCAQUAoIIBSjAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQ # AQQwLwYJKoZIhvcNAQkEMSIEIGSDoQ8G8upvy1egrq5AwWNcn41+t53+QeFIWqQT # r3qvMIH6BgsqhkiG9w0BCRACLzGB6jCB5zCB5DCBvQQglO6Kr632/Oy9ZbXPrhEP # idNAg/Fef7K3SZg+DxjhDC8wgZgwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UE # CBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9z # b2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQ # Q0EgMjAxMAITMwAAAb70IKLultYg1gABAAABvjAiBCCJL12/Ehlpe8oZitcbFWxN # kxlIjukO0F4iaSwlHMaCCTANBgkqhkiG9w0BAQsFAASCAgBiL8RK6iaYXANoHhJC # 68LJ8yJJh+VlHabpO+qeC44JAr4ItRS9mp1npwL6sYWOGI6lSVgT7UACiUQZj7Cz # +imBscN5hdhTetVm7YQh1cjrNXJkKc2wcktsmULB5jRso+Tubd7FiXrHE24ZbKSg # sH980JOrNtFJW14DAdeQl8xulXP16acqh82P7spS7VsddkAqZ/ZCwz1RLIvziMqU # xnZ8pocAV8hTjf6u2x5pLtbf0FcKjmKRNtzQLK/W2scUTULGDMsR/E8NebK9vZXv # IK6PCcm1v0mIgWK2jejoUI0i1pPhkcwMThhwJiGeqBIPklfQ3t7x+g6gvGPQkkwB # 8R7hqfbKuadQDVx+F460Zdq73mxYc9JWgP9ZPwSJ/ui8Fn3PCfBMBFSuaeVjn0mt # RcKTZbuuycB9yqB6NUdxbDKAuc1atsj1dBbCimU2IshuCH1oSiKaVDMklIAirk9f # Agzn4KkYkOYJFeDAz0TK23ZU0hZrDuaKCZakDg3P4v93JmZUxsWcsbjk0zZRWs2f # DJNJM72pkza2zcKs6BWm4i/SFG6J555LnaIhfSeHr7p4Xd73GCwekqekjZfwpowL # DFAbxMy3KUp/hZJ2yfSEQq5AGcsD5c/pGfYQDxj4AGSLF0wdL2eYsWmUb/Qi/Mbq # 5aEXRgUCl/yGYSiT0WPvto42dw== # SIG # End signature block |