  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 599

How can I know if the administrator is accessing, reading or viewing my Lotus Notes email

Dear Experts
How can I know if the administrator is accessing, reading or viewing my Lotus Notes email?
0
MOA81
Asked:
MOA81
3 Solutions
 
SysExpert Commented:
If you check the properties of the Notes mail, there is a button showing who has accessed your mail DB. Depending on how much history is saved, you can see who has recently accessed your mail.


I hope this helps !
0
 
SysExpert Commented:
It is on the second tab of the properties (Info); the button is labeled User Activity.

You need to check all replications of the mail DB.


I hope this helps !
 
0
 
marilyng Commented:
Just a quick note: discovery of an administration ID accessing an email account does not necessarily mean that a person really opened it and read mail. There are a few third-party programs, like Granite Software, that run agents through all mail databases at regular intervals to see if the mail file is no longer in use, or to perform some maintenance. These accesses would happen at regular times, usually outside of regular hours.

The only way to tell if someone opened and READ mail is to ask everyone to send mail with "return receipts" and then hope that the Administrator has not turned off that function. Another way to keep proprietary information safe is to send and receive mail encrypted.  This is accomplished by using the Delivery Options and selecting "encrypt" on the memo that you are sending.  This means that only the people addressed in the email can read the contents in the body of the email, and an administrator accessing the email account with their ID would see a blank body.

But offhand, email administrators are supposed to have access to all email accounts in a corporate setting.  By virtue of the job, they're not supposed to snoop.   However, if a person is getting a large number of spams, or something in their email is causing error messages to appear in the server log, then the email administrator pretty much has to open the email and see what's up and correct the problem.

I guess the moral of the story is to keep personal stuff out of your corporate email account and encrypt proprietary stuff that shouldn't be read by anyone but the intended recipients.
0

 
MOA81 Author Commented:
Thanks a lot all for the feedback.
Dear SysExpert,
I guess that wasn't good enough; you cannot really prove if someone has actually opened your email.

Dear marilyng:
Actually my worry is not the personal stuff; I am more worried about the business-related mails.

Can I have your comments on the following two scenarios?

You mentioned:
>>This is accomplished by using the Delivery Options and selecting "encrypt" on the memo that you are sending.  This means that only the people addressed in the email can read the contents in the body of the email, and an administrator accessing the email account with their ID would see a blank body.>>

- The administrator took a replica of my mail on a different server, and of course he has my ID and he can reset the password. (Then there is no way on earth I can prevent the admin from accessing my mail.) Right?

- I have sent an encrypted email to my colleague. Are you sure that no one can see this email (even the subject)?
What if the administrator started note administration and then did an email tracking, then the log file will appear; now in this case, will the To section and subject be encrypted, yes or no?
0
 
marilyng Commented:
If the administrator took another replica of your email, then this would appear on the SERVER Replication History tab. But, again, this is not foolproof; he or she can delete the history.

Subjects of encrypted mail are visible; the body is not, unless the administrator signs on with your Notes ID (or any of the recipients' Notes IDs) to view the mail. No one but the intended recipients can see the email. If they forward the mail, however, all bets are off; the mail becomes unencrypted when they forward.

You can create a secret encryption key, (File>>Security>>NotesData>>Documents) and encrypt documents that you have, or want to send in your database with this key.    But that would only cover the stored documents, to encrypt your sent emails you would need to modify the design of the notes email database.

I'm seeing if PGP works on internal Notes Mail... will get back to you.
0
 
SysExpert Commented:
marilyng is correct. Depends on the scenario. An admin could make a replica, and then wipe the logs, and not leave any real traces.

Only the body is encrypted.

If the colleague is not using Notes, or you sent via an SMTP address outside of your Notes domain, then Notes encryption would not work, and you probably would get an error trying to encrypt such a message.

Regarding the mail tracking and journaling options, I am not sure how encrypted mail is handled.



0
 
marilyng Commented:
Here is a good article about all types of Notes Encryption:

http://www.ibm.com/developerworks/lotus/library/ls-Notes_Encryption/

Personally, I would set all delivery options to return-receipt when "read"; this way, if someone other than you or your recipients opens the email, you'll get a notice of who it was snooping.
0
 
brwwiggins Commented:
To be honest, everything marilyng and SysExpert say are good suggestions, but if the admin is good enough you will have a hard time proving it. It is quite easy to create an agent to wipe out return receipts, and most likely the admin will have a backup copy of your ID file and could log in as your name and read your messages, encrypted or not.

If you are truly worried, I would contact your HR department and talk to them about some sort of key logger and screen capture program for the admin.
0
 
MOA81 Author Commented:
Thanks all for the input. I guess what brwwiggins said was true: if the admin is good enough you will have a hard time accomplishing this; besides, for sure the admin has a backup of your ID, and he can wipe any trace...

As for now,
God bless and thank you all
0
 
marilyng Commented:
Unfortunately, the only way to trace someone using an ID to log on is through the server logs, since when you use your ID, your computer authenticates from a specific IP address. Someone else using an ID would authenticate from a different IP address. You would have to get the cooperation from the IT department to trap and find that login in order to prove misuse.

In the Notes houses where I've worked, we turned on password authentication, and encouraged users to change their password frequently. That would force admins to use their admin IDs to access e-mails, and then document when they did this through trouble tickets, etc.
0
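Added example (not part of any poster's reply): one way an IT team could apply the two heuristics raised in this thread, that scheduled maintenance agents access mail files at regular off-hours times, and that a copied ID authenticates from a different IP address than its owner. The record format, names and addresses are constructed for illustration and are not Domino's actual log format.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed sample export (not Domino's real log format): time, ID, source IP.
SAMPLE = """\
2018-01-08T02:00:05,Maint Agent/Acme,10.0.0.5
2018-01-08T09:12:40,Jane Owner/Acme,10.0.4.21
2018-01-09T02:00:07,Maint Agent/Acme,10.0.0.5
2018-01-09T14:31:02,Bob Admin/Acme,10.0.0.9
2018-01-10T02:00:04,Maint Agent/Acme,10.0.0.5
2018-01-10T11:47:19,Jane Owner/Acme,10.0.7.88
"""

def review(log_text, owner, owner_ips, work_hours=(8, 18), slack_min=10):
    """Return {(identity, ip): verdict} for accesses that deserve a look."""
    seen = defaultdict(list)
    for ts, ident, ip in csv.reader(io.StringIO(log_text)):
        seen[(ident, ip)].append(datetime.fromisoformat(ts))
    findings = {}
    for (ident, ip), times in seen.items():
        if ident == owner:
            # Owner's ID from an address the owner never uses: possible ID copy.
            if ip not in owner_ips:
                findings[(ident, ip)] = "owner-id-from-unknown-ip"
            continue
        minutes = [t.hour * 60 + t.minute for t in times]
        days = {t.date() for t in times}
        off_hours = all(not work_hours[0] <= t.hour < work_hours[1] for t in times)
        regular = len(days) >= 3 and max(minutes) - min(minutes) <= slack_min
        # Same time of day on several days, outside work hours: agent-like.
        findings[(ident, ip)] = (
            "scheduled-agent" if off_hours and regular else "ad-hoc-access"
        )
    return findings

if __name__ == "__main__":
    for key, verdict in review(SAMPLE, "Jane Owner/Acme", {"10.0.4.21"}).items():
        print(key, verdict)
```

As the thread notes, this only works on logs the administrator has not altered, so the records should come from a copy the mail administrators cannot edit.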
 
qwaletee Commented:
Marilyn,

Password checking is not foolproof either. Nothing is foolproof.
0
 
marilyng Commented:
Agreed.  
0
