An error occurred:

Check: EMG2-507 Exch2K3

Microsoft Exchange Server 2003: EMG2-507 Exch2K3 (in version v1 r5)

Title

Public Folders Store storage quota limits are overridden. (Cat III impact)

Discussion

E-mail system availability depends in part on best practices strategies for setting tuning configurations. Some settings enable more granular control when it is needed for a specific circumstance, however, if a sound strategy is not planned for configuration placement, it increases the risk that system integrity and availability could be compromised. This setting gives the Administrator a choice to either “Use Public Store Defaults”, or choose to override with different values. If the “Use Public Store Defaults” is chosen, then the Public Folder store’s settings are applied to this folder and the other alert fields in this group are disabled. If the “Use Public Store Defaults” is NOT selected then ALL of the storage limit controls in the Public Folder store will be ignored for this folder, and ALL behaviors will then have to be set in this panel and administered separately for this store. If overrides are needed for a Public Folder, they should be documented in the System Security Plan.

Check Content

If Public Folders are not in use at the site, this check is N/A. For each Public Folder, assess Public Folder overrides for storage limitation alerts. Procedure: Exchange System Manager >> Administrative Groups >> [administrative group] >> Folders >> Public Folders >> [Public Folder] >> Properties >> Limits tab >> Storage limits The “Use public store defaults” checkbox should be selected. Criteria: If the “Use public store defaults” checkbox is selected, this is not a finding.

Fix Text

Configure the Public Folder Store Limit setting. Procedure: Exchange System Manager >> Administrative Groups >> [administrative group] >> Folders >> Public Folders >> [Public Folder] >> Properties >> Limits tab >> Storage limits Select the “Use public store defaults” checkbox.

Additional Identifiers

Rule ID: SV-20222r1_rule

Vulnerability ID: V-18645

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
No CCIs are assigned to this check

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check