The Exchange Public Store storage quota must be limited.

From MS Exchange 2013 Mailbox Server Security Technical Implementation Guide

Associated with: CCI-001879

SV-84673r1_rule The Exchange Public Store storage quota must be limited.

Vulnerability discussion

This setting controls the maximum sizes of a public folder and the system’s response if these limits are exceeded. There are two available controls and the system response when the quota has been exceeded. The first control sends an email warning to Folder Owners roles, alerting them that the folder has exceeded its quota. The second level prevents posting any additional items to the folder. As a practical matter, Level 1 serves the purpose of prompting owners to manage their folders. Level 2 impedes users in their ability to work and is not required where folder use interruption is not acceptable. Public Folder Storage Quota Limitations are not a substitute for overall disk space monitoring.

Check content

If public folders are not used, this check is not applicable. Review the Email Domain Security Plan (EDSP). Determine the value for ProhibitPostQuota. Open the Exchange Management Shell and enter the following command: Get-PublicFolderDatabase | Select Name, Identity, ProhibitPostQuota If the value of ProhibitPostQuota is not set to the ProhibitPostQuota values documented in the EDSP, this is a finding.

Fix text

Update the EDSP. Open the Exchange Management Shell and enter the following command: Set-PublicFolderDatabase -Identity <'IdentityName'> -ProhibitPostQuota <'QuotaLimit'> Note: The and values must be in quotes.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.