Mail-enabled public folder accepts email messages from unauthorized users in an Exchange Server 2013 environment

Applies to: Exchange Server 2013 EnterpriseExchange Server 2013 Standard Edition


Consider the following scenario:
  • You have a mail-enabled public folder in a Microsoft Exchange Server 2013 environment.
  • You remove the Default and Anonymous permissions of the public folder.
  • An unauthorized user sends an email message to the public folder.
In this scenario, the public folder accepts the email message unexpectedly.


To resolve this issue, install the following cumulative update:
2961810 Cumulative Update 6 for Exchange Server 2013


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.