Solved

How can I tell if an admin is reading other people's email in Exchange 2010?

Posted on 2010-11-10
4
1,304 Views
Last Modified: 2012-05-10
I am concerned that a fellow admin is accessing other people's email.  How can I tell for sure if this is happening?  And how is he doing it?  Thanks in advance.
0
Comment
Question by:LorrieT
4 Comments
 
LVL 13

Assisted Solution

by:BCipollone
BCipollone earned 84 total points
ID: 34106225
He could have a forward set on their user profile that would forward the mail to another account. You can also check the permissions on the mailbox and see if there are any accounts added that should not be. Other than that if it is not being forwarded he would need to be reading the mail then marking it as unread. The only way to really know would be to see how the permissions are set on the mailboxes.

If there are trust issues there I would simply reduce his rights and not let him have access to the exchange server.
0
 
LVL 10

Expert Comment

by:Tyler Laczko
ID: 34106272
if you are using outlook you can read other ppls email by clicking

tools-> account settings
select your exchange account
change settings
more options
second tab contains add a mailbox
type the persons name in and add to your account
you can then see their mailbox in your outlook email.


to see if somebody is accessing other peoples email you can open the system manager on the mail server
drill down to mailboxes and there is a column LAST LOGGED IN BY

you would see his username there.
0
 
LVL 7

Accepted Solution

by:
Gladys Kerns earned 83 total points
ID: 34106342
You can also read someone else's mail in Exchange by enabling Journaling on the entire message store... and storing a copy of everything in an alternate box... and then filter that copy.

I've used this methodology before in Legal Discovery processes when we were pretty sure that a user was sending or getting something and then immediately doing a permanent delete.
0
 
LVL 12

Assisted Solution

by:FDiskWizard
FDiskWizard earned 83 total points
ID: 34106686
In Exchange 2003 ESM > Diagnostic logging... there was an option to log logons.
so someone opening a mailbox that isn't their's would be logged in the APP event log.
"joe user has logged into..... jane user's mailbox and is not the mailbox owner"

Have a look at this for 2010:
http://exchangeserverpro.com/managing-diagnostic-logging-with-exchange-server-2007
http://technet.microsoft.com/en-us/library/dd335139.aspx
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2016 Dag Question 2 37
ACTIVE DIRECTORY 18 49
Exhange 2010 10 38
TLS Negotiation Failed on messages sent from Gmail to Exchange 2013 6 16
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
This video discusses moving either the default database or any database to a new volume.

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question