I ended up figuring out the problem. It was that I needed additional IP addresses hubspot was attempting to initiate the connection from. These IPs were not provided by any articles and hubspot support didn't even know about them. I ended up finding them by monitoring all network traffic on ports 25 and 993 to find them. Hopefully hubspot can pin down what IPs they use so network admins like myself that don't want exchange open to the entire world can restrict traffic properly.
For anyone who may be looking for exchange configuration settings and at least need something to go off of regarding what hubspot can work with, here is how I configured my server:
Allowed traffic from hubspot IP addresses to my exchange server on port 25 and 993.
for IMAP4 traffic: Server Configuration -> Client Access -> pop3 and imap4 -> properties for IMAP4 connector -> authentication -> secure logon: A TLS connection is required for the client to authenticate to the server. Once this is set, start/restart the IMAP4 service.
for SMTP traffic: server configuration -> hub transport -> under receive connectors click new receive connector -> give it a name and leave and click next -> enter the dns name for your ssl cert (mail.mycompany.com) and click next -> remove the default allowed networks -> add the IPs of any hubspot servers that will send email -> click next -> click new. Right click on the new connector and select properties -> authentication -> uncheck everything except Transport Layer Security -> click apply -> click permission groups -> uncheck everything except exchange servers and click apply. Restart the exchange transport service.
This should allow hubspot to send and receive with the connector.