Exchange Mail quota settings must not restrict receiving mail.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-228379 | EX16-MB-000310 | SV-228379r879650_rule | CCI-001094 | low |
| Description | ||||
| Mail quota settings control the maximum sizes of a user’s mailbox and the system’s response if these limits are exceeded. Mailbox data that is not monitored against a quota increases the risk of mail loss due to filled disk space, which can also render the system unavailable. Failure to allow mail receipt may impede users from receiving mission-critical data. | ||||
| STIG | Date | |||
| Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide | 2023-12-18 | |||
Details
Check Text (C-228379r879650_chk)
Open the Exchange Management Shell and enter the following command:
Get-MailboxDatabase | Select Name, Identity, ProhibitSendReceiveQuota
If the value of "ProhibitSendReceiveQuota" is not set to "Unlimited", this is a finding.
or
If the value of "ProhibitSendReceiveQuota" is set to an alternate value and has signoff and risk acceptance in the EDSP, this is not a finding.
Fix Text (F-30597r496934_fix)
Open the Exchange Management Shell and enter the following command:
Set-MailboxDatabase -Identity <'IdentityName'> -ProhibitSendReceiveQuota Unlimited
Note: The <IdentityName> value must be in single quotes.
or
Enter the value as identified by the EDSP that has obtained a signoff with risk acceptance.