tests/Test-SpamPolicyAdminNotify.ps1
|
function Test-SpamPolicyAdminNotify { [CmdletBinding()] param ( # Parameters can be added if needed ) begin { $auditResults = @() } process { # 2.1.6 Ensure Exchange Online Spam Policies are set to notify administrators # Get the default hosted outbound spam filter policy $hostedOutboundSpamFilterPolicy = Get-HostedOutboundSpamFilterPolicy | Where-Object { $_.IsDefault -eq $true } # Check if both settings are enabled $bccSuspiciousOutboundMailEnabled = $hostedOutboundSpamFilterPolicy.BccSuspiciousOutboundMail $notifyOutboundSpamEnabled = $hostedOutboundSpamFilterPolicy.NotifyOutboundSpam $areSettingsEnabled = $bccSuspiciousOutboundMailEnabled -and $notifyOutboundSpamEnabled # Prepare failure details if any setting is not enabled $failureDetails = @() if (-not $bccSuspiciousOutboundMailEnabled) { $failureDetails += "BccSuspiciousOutboundMail is not enabled." } if (-not $notifyOutboundSpamEnabled) { $failureDetails += "NotifyOutboundSpam is not enabled." } # Create an instance of CISAuditResult and populate it $auditResult = [CISAuditResult]::new() $auditResult.Status = if ($areSettingsEnabled) { "Pass" } else { "Fail" } $auditResult.ELevel = "E3" $auditResult.ProfileLevel = "L1" $auditResult.Rec = "2.1.6" $auditResult.RecDescription = "Ensure Exchange Online Spam Policies are set to notify administrators" $auditResult.CISControlVer = "v8" $auditResult.CISControl = "17.5" $auditResult.CISDescription = "Assign Key Roles and Responsibilities" $auditResult.IG1 = $false $auditResult.IG2 = $true $auditResult.IG3 = $true $auditResult.Result = $areSettingsEnabled $auditResult.Details = if ($areSettingsEnabled) { "Both BccSuspiciousOutboundMail and NotifyOutboundSpam are enabled." } else { $failureDetails -join ' ' } $auditResult.FailureReason = if (-not $areSettingsEnabled) { "One or both spam policies are not set to notify administrators." } else { "N/A" } $auditResults += $auditResult } end { # Return auditResults return $auditResults } } |