Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How can I tell if an admin is reading other people's email in Exchange 2010?

Posted on 2010-11-10
4
Medium Priority
?
1,312 Views
Last Modified: 2012-05-10
I am concerned that a fellow admin is accessing other people's email.  How can I tell for sure if this is happening?  And how is he doing it?  Thanks in advance.
0
Comment
Question by:LorrieT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 13

Assisted Solution

by:BCipollone
BCipollone earned 336 total points
ID: 34106225
He could have a forward set on their user profile that would forward the mail to another account. You can also check the permissions on the mailbox and see if there are any accounts added that should not be. Other than that if it is not being forwarded he would need to be reading the mail then marking it as unread. The only way to really know would be to see how the permissions are set on the mailboxes.

If there are trust issues there I would simply reduce his rights and not let him have access to the exchange server.
0
 
LVL 10

Expert Comment

by:Tyler Laczko
ID: 34106272
if you are using outlook you can read other ppls email by clicking

tools-> account settings
select your exchange account
change settings
more options
second tab contains add a mailbox
type the persons name in and add to your account
you can then see their mailbox in your outlook email.


to see if somebody is accessing other peoples email you can open the system manager on the mail server
drill down to mailboxes and there is a column LAST LOGGED IN BY

you would see his username there.
0
 
LVL 7

Accepted Solution

by:
Gladys Kerns earned 332 total points
ID: 34106342
You can also read someone else's mail in Exchange by enabling Journaling on the entire message store... and storing a copy of everything in an alternate box... and then filter that copy.

I've used this methodology before in Legal Discovery processes when we were pretty sure that a user was sending or getting something and then immediately doing a permanent delete.
0
 
LVL 12

Assisted Solution

by:FDiskWizard
FDiskWizard earned 332 total points
ID: 34106686
In Exchange 2003 ESM > Diagnostic logging... there was an option to log logons.
so someone opening a mailbox that isn't their's would be logged in the APP event log.
"joe user has logged into..... jane user's mailbox and is not the mailbox owner"

Have a look at this for 2010:
http://exchangeserverpro.com/managing-diagnostic-logging-with-exchange-server-2007
http://technet.microsoft.com/en-us/library/dd335139.aspx
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question