| Authentication Failure | |
| DISA_STIG_Microsoft_Exchange_2016_Mailbox_Server_v2r6.audit from DISA Microsoft Exchange 2016 Mailbox Server v2r6 STIG | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000010 - Exchange must have Administrator audit logging enabled. | ACCESS CONTROL |
| EX16-MB-000020 - Exchange servers must use approved DoD certificates. | ACCESS CONTROL |
| EX16-MB-000030 - Exchange auto-forwarding email to remote domains must be disabled or restricted. | ACCESS CONTROL |
| EX16-MB-000040 - Exchange Connectivity logging must be enabled. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000050 - The Exchange Email Diagnostic log level must be set to the lowest level. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000060 - Exchange Audit record parameters must be set. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000070 - Exchange Circular Logging must be disabled. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000080 - Exchange Email Subject Line logging must be disabled. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000090 - Exchange Message Tracking Logging must be enabled. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000100 - Exchange Queue monitoring must be configured with threshold and action. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000110 - Exchange Send Fatal Errors to Microsoft must be disabled. | CONFIGURATION MANAGEMENT |
| EX16-MB-000120 - Exchange must protect audit data against unauthorized read access. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000130 - Exchange must not send Customer Experience reports to Microsoft. | CONFIGURATION MANAGEMENT |
| EX16-MB-000140 - Exchange must protect audit data against unauthorized access. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000150 - Exchange must protect audit data against unauthorized deletion. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000160 - Exchange Audit data must be on separate partitions. | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000170 - Exchange Local machine policy must require signed scripts. | CONFIGURATION MANAGEMENT |
| EX16-MB-000180 - The Exchange Internet Message Access Protocol 4 (IMAP4) service must be disabled. | CONFIGURATION MANAGEMENT |
| EX16-MB-000190 - The Exchange Post Office Protocol 3 (POP3) service must be disabled. | CONFIGURATION MANAGEMENT |
| EX16-MB-000200 - Exchange Mailbox databases must reside on a dedicated partition. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000210 - Exchange Internet-facing Send connectors must specify a Smart Host. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000220 - Exchange internal Receive connectors must require encryption. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000270 - Exchange Mailboxes must be retained until backups are complete. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000290 - Exchange email forwarding must be restricted. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000300 - Exchange email-forwarding SMTP domains must be restricted. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000310 - Exchange Mail quota settings must not restrict receiving mail. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000320 - Exchange Mail Quota settings must not restrict receiving mail. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000340 - Exchange Mailbox Stores must mount at startup. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000350 - Exchange Message size restrictions must be controlled on Receive connectors. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000360 - Exchange Receive connectors must control the number of recipients per message. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000380 - The Exchange Receive Connector Maximum Hop Count must be 60. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000410 - Exchange Message size restrictions must be controlled on Send connectors. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000420 - The Exchange Send connector connections count must be limited. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000430 - The Exchange global inbound message size must be controlled. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000440 - The Exchange global outbound message size must be controlled. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000450 - The Exchange Outbound Connection Limit per Domain Count must be controlled. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000460 - The Exchange Outbound Connection Timeout must be 10 minutes or less. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000470 - Exchange Internal Receive connectors must not allow anonymous connections. | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000480 - Exchange external/Internet-bound automated response messages must be disabled. | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000490 - Exchange must have anti-spam filtering installed. | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000500 - Exchange must have anti-spam filtering enabled - ContentFilterConfig | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000500 - Exchange must have anti-spam filtering enabled - SenderFilterConfig | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000500 - Exchange must have anti-spam filtering enabled - SenderIDConfig | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000500 - Exchange must have anti-spam filtering enabled - SenderReputationConfig | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000510 - Exchange must have anti-spam filtering configured. | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000520 - Exchange must not send automated replies to remote domains. | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000530 - Exchange servers must have an approved DoD email-aware virus protection software installed. | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000540 - The Exchange Global Recipient Count Limit must be set. | SYSTEM AND INFORMATION INTEGRITY |
