Prevent mail deletion on an Exchange account

We are unfortunately letting go an employee and would like to prevent them from deleting their entire mailbox while still allowing them access to send personal e-mail. Is it possible to restrict basic functions within Exchange 2007 during the time they are boxing up their stuff?

I undestand I can just change their password and not let me access anything, but I've been asked to see if we can restrict specific functions like deleting message, forwarding message, sending messages, etc.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

This is an iffy one. I would have much greater worry as a manager (if I was willing to continue their access to the computer/system) after their termination notification than wether or not they could delete their emails. You could look into the advanced settings of exchange within AD and look at the options for mailbox rights, you may be able to achieve some of what you are looking for.

I would say your best bet would be to disable their exchange account. To go a step further I would say if you need to look very closely at what danger is involved in allowing any sort of access at all past their termination notice. Very often company policy is strict in this regard for good reason.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial

If the user still has access to their own mailbox, they can do whatever they like to the data within it. You can restrict email being sent and received at the transport layer, but at a permission level, you cannot prevent email messages being deleted.

Per the last poster, you would need to strongly consider (or advise management to) why the user still has access to a COMPANY mailbox. At the point of termination, access to company systems and assets would generally be locked down (change password, disable account etc.) to prevent the user doing anything untoward after they leave.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.