As a best practice, it is recommend that you don't configure blanket, persistent access for IT administrators to end user Exchange mailboxes.
The Exchange Analyzer team are happy to release v0.2.1-Beta.5. This release contains several new tests and some bug fixes.
For POP and IMAP access to Exchange Server mailboxes the best practice is to require secure logins.
The servers running Exchange Server in your environment should have unique, complex local administrator passwords that are unknown.
When you configure journaling in an Exchange organization you should also review the configuration of any databases that will be hosting journal mailboxes.
It is a recommended practice to configure any antivirus software running on Exchange servers to exclude specific paths, processes, and file types.
It was recently discovered that Exchange Server cumulative updates are re-enabling SSL 3.0 on servers where it has been disabled.
When it comes to Exchange Server the the principle of least privilege applies, and is considered a best practice.
Encryption is important for protecting corporate data stored on mobile devices from being accessed by anybody who has physical access to the device.
It is recommended to enable Datacenter Activation Coordination (DAC) mode for Exchange database availability groups that meet the criteria.