| 2.1.1 Ensure 'Mailbox quotas: Issue warning at' is set to '' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.2 Ensure 'Retain deleted items for the specified number of days' is set to '14' | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 2.1.3 Ensure 'Mailbox quotas: Prohibit send and receive at' is set to '' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 Ensure 'Mailbox quotas: Prohibit send at' is set to '' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.5 Ensure 'Keep deleted mailboxes for the specified number of days' is set to '30' | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 2.1.6 Ensure 'Do not permanently delete items until the database has been backed up' is set to 'True' | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.1 Ensure 'Transport Pickup Directory Path' is not set | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure 'Maximum send size: Organization level' is set to '25' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.3 Ensure 'Maximum receive size: Organization level' is set to '25' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4 Ensure 'Maximum send size: Connector level' is set to '25' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.5 Ensure 'Maximum receive size: Connector level' is set to '25' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.6 Ensure 'Send connector timeout' is set to '10' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.7 Ensure 'Receive connector timeout' is set to '5' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.8 Ensure 'External send connector authentication: DNS routing' is set to 'True' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.9 Ensure 'External send connector authentication: IgnoreStartTLS' is set to 'False' | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.10 Ensure 'External send connector authentication: Domain security' is set to 'True' | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.3 Ensure 'Enable automatic replies to remote domains' is set to 'False' | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure 'Enable automatic forwards to remote domains' is set to 'False' | CONFIGURATION MANAGEMENT |
| 2.3.5 Ensure 'Enable S/MIME for OWA' is set to 'True' | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.6 Ensure 'Require client MAPI encryption' is set to 'True' | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4.1 Ensure 'POP3' Windows services are 'Disabled' | CONFIGURATION MANAGEMENT |
| 2.4.2 Ensure 'IMAP4' Windows services are 'Disabled' | CONFIGURATION MANAGEMENT |
| 2.4.3 Ensure 'Receive connector' is set to 'TLS' | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4.5 Ensure 'SMTP automated banner response' is set to '220 SMTP Server Ready' | CONFIGURATION MANAGEMENT |
| 4.1 Ensure 'Receive connector: Configure protocol logging' is set to 'Verbose' | AUDIT AND ACCOUNTABILITY |
| 4.2 Ensure 'Turn on administrator audit logging' is set to '' | AUDIT AND ACCOUNTABILITY |
| 4.3 Ensure 'Turn on connectivity logging' is set to 'True' | AUDIT AND ACCOUNTABILITY |
| 4.4 Ensure 'Send connector: Configure protocol logging' is set to 'Verbose' | AUDIT AND ACCOUNTABILITY |
| 4.5 Ensure 'Message tracking logging' is set to 'True' | AUDIT AND ACCOUNTABILITY |
| Authentication Failure | |
| CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_Mailbox.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0 | SYSTEM AND INFORMATION INTEGRITY |
