<div>
Check this<br />
<a href="http://www.msexchange.org/tutorials/auditing-mailbox-access-exchange-system-manager-event-viewer.html" rel="ugc">http://www.msexchange.org/tutorials/auditing-mailbox-access-exchange-system-manager-event-viewer.html</a>
</div>


Check this
http://www.msexchange.org/tutorials/auditing-mailbox-access-exchange-system-manager-event-viewer.html [http://www.msexchange.org/tutorials/auditing-mailbox-access-exchange-system-manager-event-viewer.html]

<div>
Simple change your admin if you don't trust him. <br />
<br />
Domain admin always win in any chalenge.
</div>


Simple change your admin if you don't trust him.

Domain admin always win in any chalenge.

<div>
I Have to agree with morpheios here, as an admin you are charged with some very serious security stuffs, if you even have a hankering that your admin is off you should change him.<br />
<br />
abuse of an admin account is very serious indeed.<br />
<br />

</div>


I Have to agree with morpheios here, as an admin you are charged with some very serious security stuffs, if you even have a hankering that your admin is off you should change him.

abuse of an admin account is very serious indeed.



<div>
<div class="content wysiwyg-content">
Hello all, <br />
<br />
We have a situation in our company where it seems an admin may have been abusing his priviledges and accessing other peoples email accounts. <br />
<br />
I'm no expert but have been tasked with collecting as much evidence and logging as possible from the server to try and prove the claims. I understand there are some events posted in the event log, but is there anything else I can save? Is there anything I can pull from the domain controllers (apart from login events). I'm not sure of the logging on the server but if there is anything we can check then I would appreciate someone highlighting for me! <br />
<br />
Thanks,<br />
PJ
</div>
</div>


Hello all, 

We have a situation in our company where it seems an admin may have been abusing his priviledges and accessing other peoples email accounts. 

I'm no expert but have been tasked with collecting as much evidence and logging as possible from the server to try and prove the claims. I understand there are some events posted in the event log, but is there anything else I can save? Is there anything I can pull from the domain controllers (apart from login events). I'm not sure of the logging on the server but if there is anything we can check then I would appreciate someone highlighting for me! 

Thanks,
PJ

Unauthorised mailbox access Exchange 2003

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.

Exchange

A server is a computer program or a machine that waits for requests from other machines or software (clients) and responds to them. This architecture is called the client–server model. The clients may run on the same computer or may connect to the server over a network. The purpose of a server is to share data or hardware and software resources among clients. Typical computing servers are database servers, file servers, mail servers, print servers, web servers, game servers, and application servers.