Solved

How can I tell if an admin is reading other people's email in Exchange 2010?

Posted on 2010-11-10
4
1,303 Views
Last Modified: 2012-05-10
I am concerned that a fellow admin is accessing other people's email.  How can I tell for sure if this is happening?  And how is he doing it?  Thanks in advance.
0
Comment
Question by:LorrieT
4 Comments
 
LVL 13

Assisted Solution

by:BCipollone
BCipollone earned 84 total points
ID: 34106225
He could have a forward set on their user profile that would forward the mail to another account. You can also check the permissions on the mailbox and see if there are any accounts added that should not be. Other than that if it is not being forwarded he would need to be reading the mail then marking it as unread. The only way to really know would be to see how the permissions are set on the mailboxes.

If there are trust issues there I would simply reduce his rights and not let him have access to the exchange server.
0
 
LVL 10

Expert Comment

by:Tyler Laczko
ID: 34106272
if you are using outlook you can read other ppls email by clicking

tools-> account settings
select your exchange account
change settings
more options
second tab contains add a mailbox
type the persons name in and add to your account
you can then see their mailbox in your outlook email.


to see if somebody is accessing other peoples email you can open the system manager on the mail server
drill down to mailboxes and there is a column LAST LOGGED IN BY

you would see his username there.
0
 
LVL 7

Accepted Solution

by:
Gladys Kerns earned 83 total points
ID: 34106342
You can also read someone else's mail in Exchange by enabling Journaling on the entire message store... and storing a copy of everything in an alternate box... and then filter that copy.

I've used this methodology before in Legal Discovery processes when we were pretty sure that a user was sending or getting something and then immediately doing a permanent delete.
0
 
LVL 12

Assisted Solution

by:FDiskWizard
FDiskWizard earned 83 total points
ID: 34106686
In Exchange 2003 ESM > Diagnostic logging... there was an option to log logons.
so someone opening a mailbox that isn't their's would be logged in the APP event log.
"joe user has logged into..... jane user's mailbox and is not the mailbox owner"

Have a look at this for 2010:
http://exchangeserverpro.com/managing-diagnostic-logging-with-exchange-server-2007
http://technet.microsoft.com/en-us/library/dd335139.aspx
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now