UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Exchange Public Store storage quota must be limited.


Overview

Finding ID Version Rule ID IA Controls Severity
V-207322 EX13-MB-000280 SV-207322r615936_rule Low
Description
This setting controls the maximum sizes of a public folder and the system’s response if these limits are exceeded. There are two available controls and the system response when the quota has been exceeded. The first control sends an email warning to Folder Owners roles, alerting them that the folder has exceeded its quota. The second level prevents posting any additional items to the folder. As a practical matter, Level 1 serves the purpose of prompting owners to manage their folders. Level 2 impedes users in their ability to work and is not required where folder use interruption is not acceptable. Public Folder Storage Quota Limitations are not a substitute for overall disk space monitoring.
STIG Date
Microsoft Exchange 2013 Mailbox Server Security Technical Implementation Guide 2020-12-11

Details

Check Text ( C-7580r393479_chk )
If public folders are not used, this check is not applicable.

Review the Email Domain Security Plan (EDSP).

Determine the value for ProhibitPostQuota.

Open the Exchange Management Shell and enter the following command:

Get-PublicFolderDatabase | Select Name, Identity, ProhibitPostQuota

If the value of ProhibitPostQuota is not set to the ProhibitPostQuota values documented in the EDSP, this is a finding.
Fix Text (F-7580r393480_fix)
Update the EDSP.

Open the Exchange Management Shell and enter the following command:

Set-PublicFolderDatabase -Identity <'IdentityName'> -ProhibitPostQuota <'QuotaLimit'>

Note: The and values must be in quotes.