Checks/check-ORCA233.ps1
|
<#
233 - Check EF is turned on where MX not set to MDO #> using module "..\ORCA.psm1" class ORCA233 : ORCACheck { <# CONSTRUCTOR with Check Header Data #> ORCA233() { $this.Control=233 $this.Area="Connectors" $this.Name="Domains" $this.PassText="Domains are pointed directly at EOP or enhanced filtering is used" $this.FailRecommendation="Send mail directly to EOP or configure enhanced filtering" $this.Importance="Exchange Online Protection (EOP) and Microsoft Defender for Office 365 (MDO) works best when the mail exchange (MX) record is pointed directly at the service. <p>In the event another third-party service is being used, a very important signal (the senders IP address) is obfuscated and hidden from EOP & MDO, generating a larger quantity of false positives and false negatives. By configuring Enhanced Filtering with the IP addresses of these services the true senders IP address can be discovered, reducing the false-positive and false-negative impact.</p>" $this.ExpandResults=$True $this.CheckType=[CheckType]::ObjectPropertyValue $this.ObjectType="Domain" $this.ItemName="Points to Service" $this.DataType="Enhanced Filtering" $this.Links= @{ "Microsoft 365 Defender Portal - Enhanced Filtering"="https://aka.ms/orca-connectors-action-skiplisting" "Enhanced Filtering for Connectors"="https://aka.ms/orca-connectors-docs-1" } } <# RESULTS #> GetResults($Config) { $Connectors = @() # Analyze connectors ForEach($Connector in $($Config["InboundConnector"] | Where-Object {$_.Enabled})) { # Set regex options for later match $options = [Text.RegularExpressions.RegexOptions]::IgnoreCase ForEach($senderdomain in $Connector.SenderDomains) { # Perform match on sender domain $match = [regex]::Match($senderdomain,"^smtp:\*;(\d*)$",$options) if($match.success) { # Positive match $Connectors += New-Object -TypeName PSObject -Property @{ Identity=$Connector.Identity Priority=$($match.Groups[1].Value) TlsSenderCertificateName=$Connector.TlsSenderCertificateName EFTestMode=$Connector.EFTestMode EFSkipLastIP=$Connector.EFSkipLastIP EFSkipIPs=$Connector.EFSkipIPs EFSkipMailGateway=$Connector.EFSkipMailGateway EFUsers=$Connector.EFUsers } } } } $EFDisabledConnectors = @($Connectors | Where-Object {($_.EFSkipIPs.Count -eq 0 -and $_.EFSkipLastIP -eq $False) -or $_.EFTestMode -eq $True -or $_.EFUsers.Count -gt 0}) If($EFDisabledConnectors.Count -gt 0 -or $Connectors.Count -eq 0) { $EnhancedFiltering = $False } else { $EnhancedFiltering = $True } ForEach($Domain in $Config["AcceptedDomains"]) { # Get the MX record report for this domain $MXRecords = @($Config["MXReports"] | Where-Object {$_.Domain -eq $($Domain.DomainName)}) # Construct config object $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$($Domain.Name) If($MXRecords.PointsToService -Contains $False) { $PointsToService = $False } else { $PointsToService = $True } If($PointsToService) { $ConfigObject.ConfigItem="Yes" $ConfigObject.ConfigData="Not Required" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } else { $ConfigObject.ConfigItem="No" If($EnhancedFiltering) { $ConfigObject.ConfigData="Configured" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } else { $ConfigObject.ConfigData="Not Configured" $ConfigObject.SetResult([ORCAConfigLevel]::All,[ORCAResult]::Informational) $ConfigObject.InfoText = "This domain is not pointed to EOP and all default inbound connectors are not configured for skip listing. Check the enhanced filtering segment for more information." } } $this.AddConfig($ConfigObject) } } } # SIG # Begin signature block # MIImaQYJKoZIhvcNAQcCoIImWjCCJlYCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCBf2RhDhPYshiF5 # Y1+eW38h9PmMkTyAe/wjSudXHxVJ0qCCC7UwggUaMIIEAqADAgECAhMzAAAFwWtu # fQG/Bj+tAAEAAAXBMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD # QSAyMDEwMB4XDTIzMDkyMTE4MTE0MloXDTI0MDkxODE4MTE0MlowfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu # IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK # AoIBAQCjZPhOmWqhsCZshcxkJdnaUWYvbT72V/l1hgVjHnd6h5WrFUenJ0EswFmi # f0kY9NnUq0R/WB1mo0kIjRgqxnVUdCbaHEl7Dl2yq2Qa086tf/zbRBXo5kitssgq # zzQr/pvNTM93zH5SVcWsRCOFyLyEgR2foSzdC83bUpaSNT9YskbkiWUD5S4nyLBi # HRMP2fshdykl6q0XP2RM0020vv93miIrnc69ZmQak1KmZlwWgWtK9uSc/3m3T1sk # 9piA5LP2csBfgi37qtGuuyh+2D3e9Ds25JutIvlOSFVrWVrQlYhvvyztwzbrAlbG # ZGivyw6zO4S59daxxsRUWFDWPKtFAgMBAAGjggGWMIIBkjAOBgNVHQ8BAf8EBAMC # B4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYEFGByvk1Je5Cl5oP8kQWu # IV7lpwtVMFQGA1UdEQRNMEukSTBHMS0wKwYDVQQLEyRNaWNyb3NvZnQgSXJlbGFu # ZCBPcGVyYXRpb25zIExpbWl0ZWQxFjAUBgNVBAUTDTIzMDA3Mis1MDE1NjcwHwYD # VR0jBBgwFoAUv2Wiq291o05FllcFzzmH9MAVHBwwXAYDVR0fBFUwUzBRoE+gTYZL # aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIw # VGVzdGluZyUyMFBDQSUyMDIwMTAoMSkuY3JsMGkGCCsGAQUFBwEBBF0wWzBZBggr # BgEFBQcwAoZNaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9N # aWNyb3NvZnQlMjBUZXN0aW5nJTIwUENBJTIwMjAxMCgxKS5jcnQwDAYDVR0TAQH/ # BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAntepJCM1sNEpjz+qB6VNV+W3+m4tLLA/ # 3S+8iay6i7OOndw7+QZ18l0aYaVzBTUXkCFARqYCCoXNOWdQ5QODJpUgdcOjDCK6 # X+/EPOx4jh0nLMTnJrwg0LGWpBEOv+rG+kR5Aoy3NG1NAbNaGcGl10wlpuMDjOFO # GVDTYqBM8XsgtmnekyUzmWxfzdAN532ABD+NwOy35LdrBJbsjIARh8ydZA8qeuBV # IKVngA/JGGx55N9QsbilyKVipuL+kxZJb1qYXusnqNufi8MEU3vgwfQFjVtj3k13 # R4H5vbHaHc0arlodPjhRrBcAAl0di6Lo+SI8J96X48GZUeC8iud24TCCBpMwggR7 # oAMCAQICEzMAAAAtNXpGiMkHcdgAAAAAAC0wDQYJKoZIhvcNAQELBQAwgZAxCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xOjA4BgNVBAMTMU1pY3Jv # c29mdCBUZXN0aW5nIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcN # MjAxMjEwMjA0MzIwWhcNMzUwNjE3MjEwNDExWjB5MQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMSMwIQYDVQQDExpNaWNyb3NvZnQgVGVzdGluZyBQ # Q0EgMjAxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL88YIGrvuz/ # 1xdj8qZC0RNinLAXzrpGGnsiLlVzmlS5xtTRypj+d0cNjp3wXsz4VO/yzyrUYvGp # NAoE18UFhvIQ9U3TlghmhdsCfRjc4nojp5opXa55GM8MY/Aa/4GpqUM/qQu5UfGz # SDr8RC5fEcVWOv/KDs2ICMH9x9X1Pu/qThtyiyO9RTeeH3DBp8m4IHPt82w9iyEF # z3cS/qHcB+kNW3gJbDJVEEfQN8jH9/pz/kY05FYWqDdkU9Y1+8OAto62hpGhENbB # SvbjetQRCrLeLp4Ql+CBrhJdiAFdzKTEKFKcYPAK5oivS+lXiuyjDzceKfZdIdPX # 2l0OyU7bjW0CAwEAAaOCAfowggH2MA4GA1UdDwEB/wQEAwIBhjASBgkrBgEEAYI3 # FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQWBBTqn18zttBfnq3rLabBArtAOMvntTAd # BgNVHQ4EFgQUv2Wiq291o05FllcFzzmH9MAVHBwwVAYDVR0gBE0wSzBJBgRVHSAA # MEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMv # RG9jcy9SZXBvc2l0b3J5Lmh0bTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAP # BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKMBBH4wiDPruTGcyuuFdmf8ZbTR # MFkGA1UdHwRSMFAwTqBMoEqGSGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kv # Y3JsL3Byb2R1Y3RzL01pY1Rlc1Jvb0NlckF1dF8yMDEwLTA2LTE3LmNybDCBjQYI # KwYBBQUHAQEEgYAwfjBNBggrBgEFBQcwAoZBaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraS9jZXJ0cy9NaWNUZXNSb29DZXJBdXRfMjAxMC0wNi0xNy5jcnQwLQYI # KwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDANBgkq # hkiG9w0BAQsFAAOCAgEAJ7TQhbKezA+kKlNz1W3a1zEAyPb/Y8j2ARG1GJLa3LT5 # rybo/Ep5vcFnsIgDeWXPNTUFWI7igwaW9bp+EllQm+Dw1T2dCfO7Rs2HvXTid9BG # BnoiGmkrZCy5izmADOqCJyKiMFciJNkhP6tpRrfDr8HGXrzZj5FWI5Op8iYuRHb0 # unIj0ZlvW0VkU+KVlPG2SEC/d/CxOJRzkAIsawEIlnrOUs6dlPORNJy3Wg6+cPyN # vCf2dfuM1tTWqNaa1Qjqq6LJ6DVH1X9ZL7MH1txWNpdT4gGKfLBsjuexms7V3QaB # DgXAy3nX3D62vfjS3RBd+jZBNIPvXW6JBWOysYVCfFqTIgpjeMo/SyhS70G3LRjC # SWPRMBxYn5tqYGommnyhdRss/ja7icxBIKcrDKP3/QFQUP6gnT0EBhFqd0AyGnn+ # LbPUE8fkZgyggQzExS4BZpoW7VGNCVoy5Cp+7KM/yyHA1JXv6eU4hQ+FYX2ZwHL2 # EB137rJZ8qfsroVswEpwEDZziDun3NSRSMJA5HDPpP07KXwGo8x6KEgMF5Kzlq40 # Q1esCNGMzFR6xMkNIWeTZyF2y95a05Dj439zQbtZ2kjRGsknbkrQ2xVY1d016BDR # J2YroCSmEsJoc6GBzNZ4IqTeazXaiYiubpKehPCw84t5ef+13LSUGN/mYBwyaLIx # ghoKMIIaBgIBATCBkDB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSMwIQYDVQQDExpNaWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMAITMwAABcFr # bn0BvwY/rQABAAAFwTANBglghkgBZQMEAgEFAKCBsDAZBgkqhkiG9w0BCQMxDAYK # KwYBBAGCNwIBBDAcBgorBgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG # 9w0BCQQxIgQgNhGZVk0lX2U9hFBhgiCFWNhduIlCFE22xUthdvxZTscwRAYKKwYB # BAGCNwIBDDE2MDSgFIASAE0AaQBjAHIAbwBzAG8AZgB0oRyAGmh0dHBzOi8vd3d3 # Lm1pY3Jvc29mdC5jb20gMA0GCSqGSIb3DQEBAQUABIIBAIY4pIb40amNnghndgen # xGhSnv9Nr8O/f2qF5uyAO7l0JMKvwvqHP6pPMf++GXhM8CeBZLcrrL2rv41NL59I # S2/p0+xmScoj5oFuS4/9dlMDQtwQ6NFJLg8ftaI3OK6iScRhMMJWNCCh22vDQ3Yz # B7Mpqi98lrZ2q/4i5E8asAKBakRlQkXuL4UqJ8vrcdXYa1MZqmI8Yr/c4ypYgBFv # pSSemu+HgrRq8w7RK9G6oNrOGNzQqK2i2oLk6iiiqNsxpY7gh6tnBHATQoLVf5Av # 9zYN8Uz6/oyH1brcWyvg7u4eNiqQdYHaJb2rqiXLKTdkPbMqAZ7PfrzaE3fOyKT+ # p0ihgheXMIIXkwYKKwYBBAGCNwMDATGCF4Mwghd/BgkqhkiG9w0BBwKgghdwMIIX # bAIBAzEPMA0GCWCGSAFlAwQCAQUAMIIBUgYLKoZIhvcNAQkQAQSgggFBBIIBPTCC # ATkCAQEGCisGAQQBhFkKAwEwMTANBglghkgBZQMEAgEFAAQgkoWIOXR/vr1egDSb # Erbdx+aGRo6WcKD9ga7q5p7NpxUCBmVWwtS3mRgTMjAyMzEyMDcyMDA1NTcuNjY4 # WjAEgAIB9KCB0aSBzjCByzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0 # b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh # dGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEnMCUG # A1UECxMeblNoaWVsZCBUU1MgRVNOOkE0MDAtMDVFMC1EOTQ3MSUwIwYDVQQDExxN # aWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloIIR7TCCByAwggUIoAMCAQICEzMA # AAHWJ2n/ci1WyK4AAQAAAdYwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMx # EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT # FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUt # U3RhbXAgUENBIDIwMTAwHhcNMjMwNTI1MTkxMjM0WhcNMjQwMjAxMTkxMjM0WjCB # yzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMc # TWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNoaWVsZCBU # U1MgRVNOOkE0MDAtMDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1T # dGFtcCBTZXJ2aWNlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzyzN # jpvK+bt33GwxDl8nSbW5FuVN+ChWn7QvvEMjaqZTCM0kwtU6BNM3MHkArzyH6WLc # jwd47enz0aa74cApLFMPadDn5mc1jw75LeNAVErbvNd0Ja5aEXaZS89saZNvYyDm # ePqwWymmZAT2eEeC10IZJB53tGP2IfOWajDEWjFpATOp1MFeWg4sF6nRPScpdItW # lmGwqs8AUXTewk5QCcayeO6L97n/5RYPYZ1UHKkGIEa0RaQzRTDj9IMM+TY+mtuB # mZ3BRBkZisCJi/uSlj51YL2nSUkaemaq2FdxZmwZmbbBdIUpVYy0DvJ8XpRle076 # iCEiLL9m0DIFAVRM/MBxclN/Ot4B4/AQmxKSc5u+XyybC9z+upSVDUTewkbHzRGx # 3V/3eo6KVThcBe6Jpk0I6VN+wP+2EdMCQ07embF1Po/8GJaPW9trdalLYao0bN9q # Bn9k0UwqEFi4SXt3ACGEZZWv4BCpW7gw7Bt/dusuBDBxcU47I63GRGw1sIwd8K6d # dQ8oNUCnA8i1LNmpwaJb0MCUzdJjDrlzvLQc9tJ4P/l8PuMPlvTzJL1tX2mIuN+V # YykWbB38SD4yM2dMH+BYm5lTyR2fmk8RrFST8cnQob7xgn+H3vF32GPT+ZW5/UnC # nOGnU3eOBgqwZSfyTrKAODrzR2Olvl3ClXCCBlsCAwEAAaOCAUkwggFFMB0GA1Ud # DgQWBBRhmlQ2O00AYjAioNvo/80U3GLGTjAfBgNVHSMEGDAWgBSfpxVdAF5iXYP0 # 5dJlpxtTNRnpcjBfBgNVHR8EWDBWMFSgUqBQhk5odHRwOi8vd3d3Lm1pY3Jvc29m # dC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIw # MjAxMCgxKS5jcmwwbAYIKwYBBQUHAQEEYDBeMFwGCCsGAQUFBzAChlBodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRpbWUt # U3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNydDAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB # /wQMMAoGCCsGAQUFBwMIMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOC # AgEA1L/kYzYncCcUmzJNSL0vC38TTPFWlYacUdUpFvhUWOgCpJ9rNzp9vZxhFZWr # W5SL9alUypK1MS2DGdM/kQOppn17ntmO/2AW8zOZFHlIFNstTJm4p+sWnU/Q8xAn # hOxOPt5Ng5mcblfhixWELKpA23vKMu/twUolNvasmQGE/b0QwCz1AuWcMqD5DXym # 6o5d1YBU6iLmxEK+ejNGHTFpagqqtMlZZ/Zj24Rx81xzo2kLLq6IRwn+1U/HLe/a # aN+BXfF3LKpsoXSgctY3cpJ64pPhd7xJf/dKmqJ+TfCk2aBrThZWiRT52dg6kLW9 # llpH7gKBlqxkgONzMpe/j2G1LK4vzazLwHfWfifRZarDMF0BcQAe7oyYuIT/AR/I # +qpJsuLrpVOUkkGul5BJXGikGEqSXEo5I8kwyDqX+i2QU2hcennqKg2dJVEYYkaj # vtcqPLlzvPXupIAXgvLdVjeSE6l546HGIA78haabbFA4J0VIiNTP0JfztvfVZLTJ # CC+9oukHeAQbK492foixJyj/XqVMKLD9Ztzdr/coV0NR4rrCZetyH1yMnwSWlr0A # 4FNyZOHiGUq/9iiI+KbV7ePegkYh04tNdZHMA6XY0CwEIgr6I9absoX8FX9huWcA # abSF4rzUW2t+CpA+aKphKBdckRUPOIg7H/4Isp/1yE+2GP8wggdxMIIFWaADAgEC # AhMzAAAAFcXna54Cm0mZAAAAAAAVMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQg # Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0yMTA5MzAxODIyMjVa # Fw0zMDA5MzAxODMyMjVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n # dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMIIC # IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5OGmTOe0ciELeaLL1yR5vQ7V # gtP97pwHB9KpbE51yMo1V/YBf2xK4OK9uT4XYDP/XE/HZveVU3Fa4n5KWv64NmeF # RiMMtY0Tz3cywBAY6GB9alKDRLemjkZrBxTzxXb1hlDcwUTIcVxRMTegCjhuje3X # D9gmU3w5YQJ6xKr9cmmvHaus9ja+NSZk2pg7uhp7M62AW36MEBydUv626GIl3GoP # z130/o5Tz9bshVZN7928jaTjkY+yOSxRnOlwaQ3KNi1wjjHINSi947SHJMPgyY9+ # tVSP3PoFVZhtaDuaRr3tpK56KTesy+uDRedGbsoy1cCGMFxPLOJiss254o2I5Jas # AUq7vnGpF1tnYN74kpEeHT39IM9zfUGaRnXNxF803RKJ1v2lIH1+/NmeRd+2ci/b # fV+AutuqfjbsNkz2K26oElHovwUDo9Fzpk03dJQcNIIP8BDyt0cY7afomXw/TNuv # XsLz1dhzPUNOwTM5TI4CvEJoLhDqhFFG4tG9ahhaYQFzymeiXtcodgLiMxhy16cg # 8ML6EgrXY28MyTZki1ugpoMhXV8wdJGUlNi5UPkLiWHzNgY1GIRH29wb0f2y1BzF # a/ZcUlFdEtsluq9QBXpsxREdcu+N+VLEhReTwDwV2xo3xwgVGD94q0W29R6HXtqP # nhZyacaue7e3PmriLq0CAwEAAaOCAd0wggHZMBIGCSsGAQQBgjcVAQQFAgMBAAEw # IwYJKwYBBAGCNxUCBBYEFCqnUv5kxJq+gpE8RjUpzxD/LwTuMB0GA1UdDgQWBBSf # pxVdAF5iXYP05dJlpxtTNRnpcjBcBgNVHSAEVTBTMFEGDCsGAQQBgjdMg30BATBB # MD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0Rv # Y3MvUmVwb3NpdG9yeS5odG0wEwYDVR0lBAwwCgYIKwYBBQUHAwgwGQYJKwYBBAGC # NxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8w # HwYDVR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBLoEmg # R4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWlj # Um9vQ2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEF # BQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29D # ZXJBdXRfMjAxMC0wNi0yMy5jcnQwDQYJKoZIhvcNAQELBQADggIBAJ1VffwqreEs # H2cBMSRb4Z5yS/ypb+pcFLY+TkdkeLEGk5c9MTO1OdfCcTY/2mRsfNB1OW27DzHk # wo/7bNGhlBgi7ulmZzpTTd2YurYeeNg2LpypglYAA7AFvonoaeC6Ce5732pvvinL # btg/SHUB2RjebYIM9W0jVOR4U3UkV7ndn/OOPcbzaN9l9qRWqveVtihVJ9AkvUCg # vxm2EhIRXT0n4ECWOKz3+SmJw7wXsFSFQrP8DJ6LGYnn8AtqgcKBGUIZUnWKNsId # w2FzLixre24/LAl4FOmRsqlb30mjdAy87JGA0j3mSj5mO0+7hvoyGtmW9I/2kQH2 # zsZ0/fZMcm8Qq3UwxTSwethQ/gpY3UA8x1RtnWN0SCyxTkctwRQEcb9k+SS+c23K # jgm9swFXSVRk2XPXfx5bRAGOWhmRaw2fpCjcZxkoJLo4S5pu+yFUa2pFEUep8beu # yOiJXk+d0tBMdrVXVAmxaQFEfnyhYWxz/gq77EFmPWn9y8FBSX5+k77L+DvktxW/ # tM4+pTFRhLy/AsGConsXHRWJjXD+57XQKBqJC4822rpM+Zv/Cuk0+CQ1ZyvgDbjm # jJnW4SLq8CdCPSWU5nR0W2rRnj7tfqAxM328y+l7vzhwRNGQ8cirOoo6CGJ/2XBj # U02N7oJtpQUQwXEGahC0HVUzWLOhcGbyoYIDUDCCAjgCAQEwgfmhgdGkgc4wgcsx # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1p # Y3Jvc29mdCBBbWVyaWNhIE9wZXJhdGlvbnMxJzAlBgNVBAsTHm5TaGllbGQgVFNT # IEVTTjpBNDAwLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3Rh # bXAgU2VydmljZaIjCgEBMAcGBSsOAwIaAxUA+a9w1UaQBkKPbEy1B3gQvOzaSvqg # gYMwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4G # A1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYw # JAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0B # AQsFAAIFAOkcRg0wIhgPMjAyMzEyMDcxMzI0MjlaGA8yMDIzMTIwODEzMjQyOVow # dzA9BgorBgEEAYRZCgQBMS8wLTAKAgUA6RxGDQIBADAKAgEAAgIM/gIB/zAHAgEA # AgITfzAKAgUA6R2XjQIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMC # oAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBCwUAA4IBAQBxPhLO # 198pLrdiQpGAAsyEp7nh3h2uKJJ3xO+xt90vJK1z6xoUN/SwcyKxDrqF629EDBJ2 # i7/Z3LSNLsWMi/I2L5mD2gY5mvipDmAQMpZuncgGh4ItcyFT46W+kujtLq1ChLNE # xQRfWUDyjTQTAz8MBao6GKuEm2ToB1R36owI+Puy0BzYhMTGga/vGp6hzvCe1l+Z # HoGleKfd+4qRZiTe6awDNCk5myBd2LWE/UKq+VeXkksY26KP0avzpECkg7dgXTBX # KyW8XVb44IRrE4pFQDyvY6A1Au3RaVuAKAor7qDIPRWvEE6PV299fIhlHSJIY0Qv # SAspbvvK+Qe8TnSdMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAg # UENBIDIwMTACEzMAAAHWJ2n/ci1WyK4AAQAAAdYwDQYJYIZIAWUDBAIBBQCgggFK # MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgmKiq # oRuEKBK6V+GFPkh8puVnwxn6R62gxlRQpypTQRgwgfoGCyqGSIb3DQEJEAIvMYHq # MIHnMIHkMIG9BCDWy00NV3jTPhAYpzhCTI2XdIzDQ7q/gCvjvD9do+Uk/DCBmDCB # gKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH # EwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNV # BAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAB1idp/3ItVsiu # AAEAAAHWMCIEIKcMmJv2V67XJyAERUK75D/p2TcPWdTLl+t7bxlye+YxMA0GCSqG # SIb3DQEBCwUABIICAD1BqMi2TYg91OH2AzrA3QTpZ6oIFAvJ/mP5XtZv0YyZE/7g # W88dguSOCtQIkmPaZxmrrzQw4M1KVEN2SpktwvZNRrxwqnyjd3H7lCvnFuN91wU/ # DMozQWmChOgG3jQNpvVuPqoWH5VDJGpofiVdtHE2yAba5gnysyaXmBUmggZgWYzP # e7hNMo2UJImrfIEj2y7DKGaKAu0i+U9ciOkNPCLfSrmQANjoMOKXYSiPUQW0kOVQ # Xc/7W3CRK50cHmGb3faaZkF8Qi+W810m7peoGtx2X2KogNR7SNf1bUF15F3mROSh # PUros+YRF8x1YV+DJeE2K2vqOdcQwSC26djvrjoS0BKFh9FzIO1SbpA14UlXuY/S # bhqz6GPzF8oQhGaPoYcubx4jQZV1z1IN3+suFDUdUmVEqRSwDrKHE0Hnq/1uqvh7 # CQAu+oZzOrgOvZNihwfeFxNoZ66jDPQeksiIs8J0FRfYTryr2n1OLsCQez9+MPIf # 6+56PCZQN3A406lO/BBnDcHDMO5Ikz+poipVKSKZs+D8uhPr0SDtIY3AFIbVMe9u # cEGXaNxXk/l/SkJgDY9ssGLYZGUlaRmrFughODsYKEj4Pyy+MEzvITp60XUUUDiU # NDjrJ0FCMw7IO87eNrZOGB6iYF9f2osRHlBPrBCCV3gilxKL+uC2MDEBDh/o # SIG # End signature block |