I am running sbs 2003 and using Exchange for mail. The users were setup originally with all of the usual permissions....no random security groups. It has come to my attention that the users are now able to open each others mailboxes via outlook. When I check the permissions in Active Directory Users, Everyone and Anonymous Logon have read rights and Domain Users have read, change, ownership and full mailbox rights. These rights are inherited from parent object and are greyed out so that i cannot change. the really weird thing is that when i create a new user, these 'inherited rights' don't show up... only Self w/ the normal rights. What is the parent object that is passing these rights down?? I have tried everything I can think of (turning off propogation from mail store, etc......)
Please help I am desperately needing to lock this down!!