EX16-MB-000090 - Exchange Message Tracking Logging must be enabled.

Information

A message tracking log provides a detailed log of all message activity as messages are transferred to and from a computer running Exchange.

If events are not recorded, it may be difficult or impossible to determine the root cause of system problems or the unauthorized activities of malicious users.

Solution

Open the Exchange Management Shell and enter the following command:

Set-Transportservice <IdentityName> -MessageTrackingLogEnabled $true

Note: The <IdentityName> value must be in quotes.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Exchange_2016_Y21M07_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-3, CAT|II, CCI|CCI-000133, Rule-ID|SV-228362r612748_rule, STIG-ID|EX16-MB-000090, STIG-Legacy|SV-95349, STIG-Legacy|V-80639, Vuln-ID|V-228362

Plugin: Windows

Control ID: 7ba151499c2313214c8c6cb465290fed695fa9a6fed6b4ae84381c7fea7c52d2