Checks/check-ORCA103.ps1
|
using module "..\ORCA.psm1" class ORCA103 : ORCACheck { <# CONSTRUCTOR with Check Header Data #> ORCA103() { $this.Control="ORCA-103" $this.Area="Anti-Spam Policies" $this.Name="Outbound spam filter policy settings" $this.PassText="Outbound spam filter policy settings configured" $this.FailRecommendation="Set RecipientLimitExternalPerHour to 500, RecipientLimitInternalPerHour to 1000, and ActionWhenThresholdReached to block." $this.Importance="Configure the maximum number of recipients that a user can send to, per hour for internal (RecipientLimitInternalPerHour) and external recipients (RecipientLimitExternalPerHour) and maximum number per day for outbound email. It is common, after an account compromise incident, for an attacker to use the account to generate spam and phish. Configuring the recommended values can reduce the impact, but also allows you to receive notifications when these thresholds have been reached." $this.ExpandResults=$True $this.CheckType=[CheckType]::ObjectPropertyValue $this.ObjectType="Outbound Spam Policy" $this.ItemName="Setting" $this.DataType="Current Value" $this.ChiValue=[ORCACHI]::Low $this.Links= @{ "Microsoft 365 Defender Portal - Anti-spam settings"="https://security.microsoft.com/antispam" "Recommended settings for EOP and Microsoft Defender for Office 365 security"="https://aka.ms/orca-atpp-docs-6" } } <# RESULTS #> GetResults($Config) { ForEach($Policy in $Config["HostedOutboundSpamFilterPolicy"]) { <# RecipientLimitExternalPerHour #> $policyname = $Config["PolicyStates"][$Policy.Guid.ToString()].Name $RecipientLimitExternalPerHour = $($Policy.RecipientLimitExternalPerHour) $RecipientLimitInternalPerHour = $($Policy.RecipientLimitInternalPerHour) $RecipientLimitPerDay = $($Policy.RecipientLimitPerDay) $ActionWhenThresholdReached = $($Policy.ActionWhenThresholdReached) $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$policyname $ConfigObject.ConfigItem="RecipientLimitExternalPerHour" $ConfigObject.ConfigData=$RecipientLimitExternalPerHour $ConfigObject.ConfigDisabled=!$Config["PolicyStates"][$Policy.Guid.ToString()].Applies $ConfigObject.ConfigReadonly=$Policy.IsPreset $ConfigObject.ConfigPolicyGuid=$Policy.Guid.ToString() # Recipient per hour limit for standard is 500 If($RecipientLimitExternalPerHour -eq 500) { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } Else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } # Recipient per hour limit for strict is 400 If($RecipientLimitExternalPerHour -eq 400) { $ConfigObject.SetResult([ORCAConfigLevel]::Strict,"Pass") } Else { $ConfigObject.SetResult([ORCAConfigLevel]::Strict,"Fail") } # Add config to check $this.AddConfig($ConfigObject) <# RecipientLimitInternalPerHour #> $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$policyname $ConfigObject.ConfigItem="RecipientLimitInternalPerHour" $ConfigObject.ConfigData=$($RecipientLimitInternalPerHour) $ConfigObject.ConfigDisabled=!$Config["PolicyStates"][$Policy.Guid.ToString()].Applies $ConfigObject.ConfigReadonly=$Policy.IsPreset If($RecipientLimitInternalPerHour -eq 1000) { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } Else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } If($RecipientLimitInternalPerHour -eq 800) { $ConfigObject.SetResult([ORCAConfigLevel]::Strict,"Pass") } Else { $ConfigObject.SetResult([ORCAConfigLevel]::Strict,"Fail") } # Add config to check $this.AddConfig($ConfigObject) <# RecipientLimitPerDay #> $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$policyname $ConfigObject.ConfigItem="RecipientLimitPerDay" $ConfigObject.ConfigData=$($RecipientLimitPerDay) $ConfigObject.ConfigDisabled=!$Config["PolicyStates"][$Policy.Guid.ToString()].Applies $ConfigObject.ConfigReadonly=$Policy.IsPreset If($RecipientLimitPerDay -eq 1000) { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } Else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } If($RecipientLimitPerDay -eq 800) { $ConfigObject.SetResult([ORCAConfigLevel]::Strict,"Pass") } Else { $ConfigObject.SetResult([ORCAConfigLevel]::Strict,"Fail") } # Add config to check $this.AddConfig($ConfigObject) $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$policyname $ConfigObject.ConfigItem="ActionWhenThresholdReached" $ConfigObject.ConfigData=$($ActionWhenThresholdReached) $ConfigObject.ConfigDisabled=!$Config["PolicyStates"][$Policy.Guid.ToString()].Applies $ConfigObject.ConfigReadonly=$Policy.IsPreset If($ActionWhenThresholdReached -like "BlockUser") { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } Else { $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } # Add config to check $this.AddConfig($ConfigObject) } } } # SIG # Begin signature block # MIImVwYJKoZIhvcNAQcCoIImSDCCJkQCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCGlyqB4nfeKLnF # QvutGM3eSsdezm2uOPzK+opPovN24qCCC6YwggULMIID86ADAgECAhMzAAAFwlgA # 087+f22BAAEAAAXCMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD # QSAyMDEwMB4XDTIzMDkyMTE4MTE0M1oXDTI0MDkxODE4MTE0M1owfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu # IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK # AoIBAQD5++3gGQURCZ5RFx3f6hxBcryv+l9JDcB/ue8Nf4lxtCZ3BYkCuFTxGzQs # lXh4SBgmfcoDr8X9mqmYlAhGlQn5WdhIlIjY7cyO+Jj9qH6ir7kKmqnxX5UMl2e8 # 1Xd78imtyJHeK3X/mReHaJItcbdObmRrJeq1cJm2qgiadjJK9aFPIGTd/2jgBIMc # G1LVd+lHU7fPU+wlvJshXoo7rj82PhSGoMqTN4s30oaUlIpKwhyn6eO7UIlD77Ez # NikN8J35LSlUGAWR7UW/qBrlVM9JURkIsAFfHUdZbsCu0wB3dHMBru+oDim+X/R9 # ko+B0F3Me40uod5i5D8m8HqIazstAgMBAAGjggGHMIIBgzAOBgNVHQ8BAf8EBAMC # B4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYEFJfRokzB8QH6nZ8MnJQI # ahPRxmYhMEUGA1UdEQQ+MDykOjA4MR4wHAYDVQQLExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xFjAUBgNVBAUTDTIzMDA3Mis1MDE1NjYwHwYDVR0jBBgwFoAUv2Wiq291 # o05FllcFzzmH9MAVHBwwXAYDVR0fBFUwUzBRoE+gTYZLaHR0cDovL3d3dy5taWNy # b3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIwVGVzdGluZyUyMFBDQSUy # MDIwMTAoMSkuY3JsMGkGCCsGAQUFBwEBBF0wWzBZBggrBgEFBQcwAoZNaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNyb3NvZnQlMjBUZXN0 # aW5nJTIwUENBJTIwMjAxMCgxKS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0B # AQsFAAOCAQEAMmCxC2x6fhzNJHnCk9zTlYQo0e/MzR5BHxJul6XfH7L2K+EOr+Wv # wiAvkkA47zgupON7XKs+NQFkTQAAw/tgzpZ95d2KyRUxbwfik44uLSqvgVNlSDSk # Ant8qiTj3+EhxYhcHQJwA4vz4Ow+rLIQOvPIHB0cOj1bJ/Z0olgCXfo/oORtXQe3 # 9M6dO7XvQ2i0SRvnfn95hodbpPWDmSvyHvZU5rHVLTBwyh9oTQ4v30P8eeAONxp6 # Sp6X7hLDy14Q0L4nfBeRFdf9M/DK6LjJ3bUWlYcqRpFwqMjAJQkW8RMtWuV8uSgD # PAR/tnqsaUFRAILpmfqPUwgXIVGT0/89iDCCBpMwggR7oAMCAQICEzMAAAAtNXpG # iMkHcdgAAAAAAC0wDQYJKoZIhvcNAQELBQAwgZAxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xOjA4BgNVBAMTMU1pY3Jvc29mdCBUZXN0aW5nIFJv # b3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMjAxMjEwMjA0MzIwWhcN # MzUwNjE3MjEwNDExWjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSMwIQYDVQQDExpNaWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMDCCASIwDQYJ # KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL88YIGrvuz/1xdj8qZC0RNinLAXzrpG # GnsiLlVzmlS5xtTRypj+d0cNjp3wXsz4VO/yzyrUYvGpNAoE18UFhvIQ9U3Tlghm # hdsCfRjc4nojp5opXa55GM8MY/Aa/4GpqUM/qQu5UfGzSDr8RC5fEcVWOv/KDs2I # CMH9x9X1Pu/qThtyiyO9RTeeH3DBp8m4IHPt82w9iyEFz3cS/qHcB+kNW3gJbDJV # EEfQN8jH9/pz/kY05FYWqDdkU9Y1+8OAto62hpGhENbBSvbjetQRCrLeLp4Ql+CB # rhJdiAFdzKTEKFKcYPAK5oivS+lXiuyjDzceKfZdIdPX2l0OyU7bjW0CAwEAAaOC # AfowggH2MA4GA1UdDwEB/wQEAwIBhjASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsG # AQQBgjcVAgQWBBTqn18zttBfnq3rLabBArtAOMvntTAdBgNVHQ4EFgQUv2Wiq291 # o05FllcFzzmH9MAVHBwwVAYDVR0gBE0wSzBJBgRVHSAAMEEwPwYIKwYBBQUHAgEW # M2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5 # Lmh0bTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAPBgNVHRMBAf8EBTADAQH/ # MB8GA1UdIwQYMBaAFKMBBH4wiDPruTGcyuuFdmf8ZbTRMFkGA1UdHwRSMFAwTqBM # oEqGSGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01p # Y1Rlc1Jvb0NlckF1dF8yMDEwLTA2LTE3LmNybDCBjQYIKwYBBQUHAQEEgYAwfjBN # BggrBgEFBQcwAoZBaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9N # aWNUZXNSb29DZXJBdXRfMjAxMC0wNi0xNy5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6 # Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDANBgkqhkiG9w0BAQsFAAOCAgEA # J7TQhbKezA+kKlNz1W3a1zEAyPb/Y8j2ARG1GJLa3LT5rybo/Ep5vcFnsIgDeWXP # NTUFWI7igwaW9bp+EllQm+Dw1T2dCfO7Rs2HvXTid9BGBnoiGmkrZCy5izmADOqC # JyKiMFciJNkhP6tpRrfDr8HGXrzZj5FWI5Op8iYuRHb0unIj0ZlvW0VkU+KVlPG2 # SEC/d/CxOJRzkAIsawEIlnrOUs6dlPORNJy3Wg6+cPyNvCf2dfuM1tTWqNaa1Qjq # q6LJ6DVH1X9ZL7MH1txWNpdT4gGKfLBsjuexms7V3QaBDgXAy3nX3D62vfjS3RBd # +jZBNIPvXW6JBWOysYVCfFqTIgpjeMo/SyhS70G3LRjCSWPRMBxYn5tqYGommnyh # dRss/ja7icxBIKcrDKP3/QFQUP6gnT0EBhFqd0AyGnn+LbPUE8fkZgyggQzExS4B # ZpoW7VGNCVoy5Cp+7KM/yyHA1JXv6eU4hQ+FYX2ZwHL2EB137rJZ8qfsroVswEpw # EDZziDun3NSRSMJA5HDPpP07KXwGo8x6KEgMF5Kzlq40Q1esCNGMzFR6xMkNIWeT # ZyF2y95a05Dj439zQbtZ2kjRGsknbkrQ2xVY1d016BDRJ2YroCSmEsJoc6GBzNZ4 # IqTeazXaiYiubpKehPCw84t5ef+13LSUGN/mYBwyaLIxghoHMIIaAwIBATCBkDB5 # MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk # bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSMwIQYDVQQDExpN # aWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMAITMwAABcJYANPO/n9tgQABAAAFwjAN # BglghkgBZQMEAgEFAKCBsDAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor # BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgCEfBwHFM # UmoDfW788GYa96q9QEUvhpI9E/8gYtQCo5MwRAYKKwYBBAGCNwIBDDE2MDSgFIAS # AE0AaQBjAHIAbwBzAG8AZgB0oRyAGmh0dHBzOi8vd3d3Lm1pY3Jvc29mdC5jb20g # MA0GCSqGSIb3DQEBAQUABIIBAIekxDX0hyuKpqgxC6KpjQFeW0wKPyBLyb092wzp # dd/RZw3GEe3LG87yFCooiDdpRt/igUFTjHBasp9UH4LTDPOS2aQhY0TzcG8t+GJ4 # lJVTVUDfmw44aF/DiwwhcnKQ3YWAp1RGRWUqh2vvT4gJoyqswsp1EdYkSP6CMeU8 # h4ud0a1fSHQbJZzTPMSAAD4VQPVHBmIaChgJMm8l1LMyP83Lj7gnqtICK68/+I/g # IycbjWOehD6oWGPbZtXRhKudrm/10aErfe1RxpBvuW1wOKxspwvPQQPZ9b6rw208 # v1iIgID0PQJig6E8x+Enr8WjNgV0U4/fiOnRleC84vlM1zehgheUMIIXkAYKKwYB # BAGCNwMDATGCF4Awghd8BgkqhkiG9w0BBwKgghdtMIIXaQIBAzEPMA0GCWCGSAFl # AwQCAQUAMIIBUgYLKoZIhvcNAQkQAQSgggFBBIIBPTCCATkCAQEGCisGAQQBhFkK # AwEwMTANBglghkgBZQMEAgEFAAQgrGISC3Dg94OI2weO6G0HGHP24vX8cD2zDBWL # W9B2o6gCBmVWyBzeoBgTMjAyMzExMzAwNjA4MTUuMTYyWjAEgAIB9KCB0aSBzjCB # yzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMc # TWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNoaWVsZCBU # U1MgRVNOOjhEMDAtMDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1T # dGFtcCBTZXJ2aWNloIIR6jCCByAwggUIoAMCAQICEzMAAAHNVQcq58rBmR0AAQAA # Ac0wDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp # bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw # b3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAw # HhcNMjMwNTI1MTkxMjA1WhcNMjQwMjAxMTkxMjA1WjCByzELMAkGA1UEBhMCVVMx # EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT # FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJp # Y2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNoaWVsZCBUU1MgRVNOOjhEMDAtMDVF # MC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNlMIIC # IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0zgi1Uto5hFjqsc8oFu7OmC5 # ptvaY7wPgoelS+x5Uy/MlLd2dCiM02tjvx76/2ic2tahFZJauzT4jq6QQCM+uey1 # ccBHOAcSYr+gevGvA0IhelgBRTWit1h4u038UZ6i6IYDc+72T8pWUF+/ea/DEL1+ # ersI4/0eIV50ezWuC5buJlrJpf8KelSagrsWZ7vY1+KmlMZ4HK3xU+/s75VwpcC2 # odp9Hhip2tXTozoMitNI2Kub7c6+TWfqlcamsPQ5hLI/b36mJH0Ga8tiTucJoF1+ # /TsezyzFH6k+PvMOSZHUjKF99m9Q+nAylkVL+ao4mIeKP2vXoRPygJFFpUj22w0f # 2hpzySwBj8tqgPe2AgXniCY0SlEYHT5YROTuOpDo7vJ2CZyL8W7gtkKdo8cHOqw/ # TOj73PLGSHENdGCmVWCrPeGD0pZIcF8LbW0WPo2Z0Ig5tmRYx/Ej3tSOhEXH3mF9 # cwmIxM3cFnJvnxWZpSQPR0Fu2SQJjhAjjbXytvBERBBOcs6vk90DFT4YhHxIYHGL # IdA3qFomBrA4ihLkvhRJTDMk+OevlNmUWtoW0UPe0HG72gHejlUC6d00KjRLtHrO # WatMINggA3/kCkEf2OvnxoJPaiTSVtzLu+9SrYbj5TXyrLNAdc4dMWtcjeKgt86B # PVKuk/K+xt/zrUhZrOMCAwEAAaOCAUkwggFFMB0GA1UdDgQWBBShk/mmNmmawQCV # SGYeZInKJHzVmjAfBgNVHSMEGDAWgBSfpxVdAF5iXYP05dJlpxtTNRnpcjBfBgNV # HR8EWDBWMFSgUqBQhk5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2Ny # bC9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIwMjAxMCgxKS5jcmwwbAYI # KwYBBQUHAQEEYDBeMFwGCCsGAQUFBzAChlBodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAy # MDEwKDEpLmNydDAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMI # MA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAgEAUqht6aSiFPovxDMM # LaLaMZyn8NEl/909ehD248LACJljmeZywG2raKZfMxWPONYG+Xoi9Y/NYeA4hIl7 # fgSYByANiyISoUrHHe/aDG6+t9Q4hKn/V+S2Ud1dyiGLLVNyu3+Q5O7W6G7h7vun # 2DP4DseOLIEVO2EPmE2B77/JOJjJ7omoSUZVPxdr2r3B1OboV4tO/CuJ0kQD51sl # +4FYuolTAQVBePNt6Dxc5xHB7qe1TRkbRntcb55THdQrssXLTPHf6Ksk7McJSQDO # Rf5Q8ZxFqEswJGndZ1r5GgHjFe/t/SKV4bn/Rt8W33yosgZ493EHogOEsUsAnZ8d # NEQZV0uq/bRg2v6PUUtNRTgAcypD+QgQ6ZuMKSnSFO+CrQR9rBOUGGJ+5YmFma9n # /1PoIU5nThDj5FxHF/NR+HUSVNvE4/4FGXcC/NcWofCp/nAe7zPx7N/yfLRdd2Tz # /vDbV977uDa3IRwyWIIzovtSbkn/uI6Rf6RBD16fQLrIs5kppASuIlU+zcFbUZ0t # bbPKgBhxj4Nhz2uG9rvZnrnlKKjVbTIW7piNcvnfWZE4TVwV89miLU9gvfQzN096 # mKgFJrylK8lUqTC1abHuI3uVjelVZQgxSlhUR9tNmMRFVrGeW2jfQmqgmwktBGu7 # PThS2hDOXzZ/ZubOvZQ/3pHFtqkwggdxMIIFWaADAgECAhMzAAAAFcXna54Cm0mZ # AAAAAAAVMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0 # ZSBBdXRob3JpdHkgMjAxMDAeFw0yMTA5MzAxODIyMjVaFw0zMDA5MzAxODMyMjVa # MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMT # HU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMIICIjANBgkqhkiG9w0BAQEF # AAOCAg8AMIICCgKCAgEA5OGmTOe0ciELeaLL1yR5vQ7VgtP97pwHB9KpbE51yMo1 # V/YBf2xK4OK9uT4XYDP/XE/HZveVU3Fa4n5KWv64NmeFRiMMtY0Tz3cywBAY6GB9 # alKDRLemjkZrBxTzxXb1hlDcwUTIcVxRMTegCjhuje3XD9gmU3w5YQJ6xKr9cmmv # Haus9ja+NSZk2pg7uhp7M62AW36MEBydUv626GIl3GoPz130/o5Tz9bshVZN7928 # jaTjkY+yOSxRnOlwaQ3KNi1wjjHINSi947SHJMPgyY9+tVSP3PoFVZhtaDuaRr3t # pK56KTesy+uDRedGbsoy1cCGMFxPLOJiss254o2I5JasAUq7vnGpF1tnYN74kpEe # HT39IM9zfUGaRnXNxF803RKJ1v2lIH1+/NmeRd+2ci/bfV+AutuqfjbsNkz2K26o # ElHovwUDo9Fzpk03dJQcNIIP8BDyt0cY7afomXw/TNuvXsLz1dhzPUNOwTM5TI4C # vEJoLhDqhFFG4tG9ahhaYQFzymeiXtcodgLiMxhy16cg8ML6EgrXY28MyTZki1ug # poMhXV8wdJGUlNi5UPkLiWHzNgY1GIRH29wb0f2y1BzFa/ZcUlFdEtsluq9QBXps # xREdcu+N+VLEhReTwDwV2xo3xwgVGD94q0W29R6HXtqPnhZyacaue7e3PmriLq0C # AwEAAaOCAd0wggHZMBIGCSsGAQQBgjcVAQQFAgMBAAEwIwYJKwYBBAGCNxUCBBYE # FCqnUv5kxJq+gpE8RjUpzxD/LwTuMB0GA1UdDgQWBBSfpxVdAF5iXYP05dJlpxtT # NRnpcjBcBgNVHSAEVTBTMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNo # dHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5o # dG0wEwYDVR0lBAwwCgYIKwYBBQUHAwgwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBD # AEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU1fZW # y4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2NybC5t # aWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0XzIwMTAt # MDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0y # My5jcnQwDQYJKoZIhvcNAQELBQADggIBAJ1VffwqreEsH2cBMSRb4Z5yS/ypb+pc # FLY+TkdkeLEGk5c9MTO1OdfCcTY/2mRsfNB1OW27DzHkwo/7bNGhlBgi7ulmZzpT # Td2YurYeeNg2LpypglYAA7AFvonoaeC6Ce5732pvvinLbtg/SHUB2RjebYIM9W0j # VOR4U3UkV7ndn/OOPcbzaN9l9qRWqveVtihVJ9AkvUCgvxm2EhIRXT0n4ECWOKz3 # +SmJw7wXsFSFQrP8DJ6LGYnn8AtqgcKBGUIZUnWKNsIdw2FzLixre24/LAl4FOmR # sqlb30mjdAy87JGA0j3mSj5mO0+7hvoyGtmW9I/2kQH2zsZ0/fZMcm8Qq3UwxTSw # ethQ/gpY3UA8x1RtnWN0SCyxTkctwRQEcb9k+SS+c23Kjgm9swFXSVRk2XPXfx5b # RAGOWhmRaw2fpCjcZxkoJLo4S5pu+yFUa2pFEUep8beuyOiJXk+d0tBMdrVXVAmx # aQFEfnyhYWxz/gq77EFmPWn9y8FBSX5+k77L+DvktxW/tM4+pTFRhLy/AsGConsX # HRWJjXD+57XQKBqJC4822rpM+Zv/Cuk0+CQ1ZyvgDbjmjJnW4SLq8CdCPSWU5nR0 # W2rRnj7tfqAxM328y+l7vzhwRNGQ8cirOoo6CGJ/2XBjU02N7oJtpQUQwXEGahC0 # HVUzWLOhcGbyoYIDTTCCAjUCAQEwgfmhgdGkgc4wgcsxCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVyaWNh # IE9wZXJhdGlvbnMxJzAlBgNVBAsTHm5TaGllbGQgVFNTIEVTTjo4RDAwLTA1RTAt # RDk0NzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaIjCgEB # MAcGBSsOAwIaAxUAaKn3ptiis7kWYyEmInxqJVTncgSggYMwgYCkfjB8MQswCQYD # VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe # MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3Nv # ZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQsFAAIFAOkSaT0wIhgP # MjAyMzExMzAwMTUxNTdaGA8yMDIzMTIwMTAxNTE1N1owdDA6BgorBgEEAYRZCgQB # MSwwKjAKAgUA6RJpPQIBADAHAgEAAgIsMzAHAgEAAgIUeTAKAgUA6RO6vQIBADA2 # BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIB # AAIDAYagMA0GCSqGSIb3DQEBCwUAA4IBAQBuF9PDhiRGwzNCBcuJM9PmwmH+f+Th # PXnKkb6B9UnCJQWkvz0HWqNgDJ1kkmlOSKRzctmlhz4y7YO3wMIJY4OpafmWkuAa # XKS04bvSpvGe2z93WQso/nIJKyHf0AplxWdhA0jCtcjujJueT32ql9LZ8tOTZuOG # MJEJhH/LLC1feMmbj6oiMWTmZ2EAf5FPCyp72WzIGlVxrMIjV4UOPpbvU4D2bnWu # xKuYgP3v3JICv3gfB/M9bRbvU7XsTXIsuMTKvM/++0MbWYuwPzLgyr5C/Dcl7XDG # K+NR5De+Q4JgdSCiodPUFI9Vx9HKLBdmoe1CJVOV44L13IfG0etiJi1qMYIEDTCC # BAkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO # BgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEm # MCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAHNVQcq # 58rBmR0AAQAAAc0wDQYJYIZIAWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsq # hkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgWsEDZv0POzCZJwJASj8qAjAf3o92 # pTUfUaW8W9syXbswgfoGCyqGSIb3DQEJEAIvMYHqMIHnMIHkMIG9BCDiZqX4rVa9 # T2RoL0xHU6UrVHOhjYeyza6EASsKVEaZCjCBmDCBgKR+MHwxCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1l # LVN0YW1wIFBDQSAyMDEwAhMzAAABzVUHKufKwZkdAAEAAAHNMCIEIK6iBZ0tQUfR # UB74GoPZIVaeqtlp1t88IGwVClsMBAYxMA0GCSqGSIb3DQEBCwUABIICAMs5aZAF # NDvgU+DLAW8QKOdrUfb3fSyRNC+nzIgpuqN1548IzfOsiw1kqzA0RaHKPS6mYP/r # 7V0fKvtm4Am2WM6QSGrytvrjdRjosfZhb6ecUcButGrdaW/upMXv5PHaS+J0aMib # 2VmnquO72hKa3wdcRGXn2L1MHEbIQ/qTVuBgskG9cnXl0TRMD4h2YwDiyE89PdfD # HfNGG8f8Mc9e85AO48D+lCrdMRkZ68XX3//QOWaG7WnaQT40ryNmeY5oS1KMPx51 # lMgloNObhiywZFAEYIB7qw7NdxHbvXcKvR/3XHGY7e8SwLwQYU7TvIlDtkVvfm/X # VcqmaxgZy05jgY8ky+eEnV9UscWxqs8PcBLkKWtJEQokrkiJyvucDF112Lkr08bK # meevHoaYyfP9XPRyWmPGL8LfG2MTRTShWgi/F2d/FosWFkBysh6Bw4c7AndHCQXq # nfBiTiPbFDvQ2KJ5RgOi56kxO0oXi4GsxhgesZdwQKkpGO1qu+aObLMJCaeDMSfg # D1RBl6n8G6ttH/b2wDpw4rnSgKjDXZr3gfZKIINepUJp/azgO3dcYgdFJ2ISKDEc # Es/TYfNNBcUN+9pn2NhuHE1kFFFnmIoDIdZuc6CQynGXwS6NqK7bSnLFZ65msiR+ # GiHDWX59c9BJrmBZl8RF4hAJfE+OSi5i2Hgv # SIG # End signature block |