Mail-enabled public folder accepts email messages from unauthorized users in an Exchange Server 2013 environment

Applies to: Exchange Server 2013 EnterpriseExchange Server 2013 Standard Edition

Symptoms


Consider the following scenario:
  • You have a mail-enabled public folder in a Microsoft Exchange Server 2013 environment.
  • You remove the Default and Anonymous permissions of the public folder.
  • An unauthorized user sends an email message to the public folder.
In this scenario, the public folder accepts the email message unexpectedly.

Resolution


To resolve this issue, install the following cumulative update:
2961810 Cumulative Update 6 for Exchange Server 2013

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.