vdms
asked on
Exchange email question
I recently had an issue where a user's email started ending up in a mailbox that was supposed to only get emails from my electronic fax service. There was no forwarding on this users mailbox and there was nothing on the Exchangeserver or his AD user that would suggest that his mail get forwarded to this box. The email that ended up there was a dup or copy as this user got the original email. I deleted this email box and started over again and it is working fine. What do you think can cause that? The only way he was related to this box is that I added a user group on the Full Permissions on Exchange that had his user in it. No other user in this group was affected though, just him and he doesn't even have this box attatched to his Outlook. He really doesn't need it he is just part of a group or department that does. Wierd but I need to know how this can happen as it demonstrates a huge security risk.
did it still happen after a reboot?
ASKER
They have thier mail on thier iphone. But generally they don't get these faxes. Maybe someone forwared him a fax from this box and then something wierd happened.
I will check his rules on his OUtlook as well. I didn't think to look there but still on the remade mail box they are not coming through.
I will check his rules on his OUtlook as well. I didn't think to look there but still on the remade mail box they are not coming through.
ASKER
Reboot of what, the Exchangeserver?
Please no Reboot as it isnt required and i guess "mo_patel" might have miss typed on this post trying for some other.
If it just happened once and you retried and it didnt happen so whatever caused was changed as i dont think the system can itself do this :(
- Rancy
If it just happened once and you retried and it didnt happen so whatever caused was changed as i dont think the system can itself do this :(
- Rancy
ASKER
HAs anyone ever seen this happen before?
There’s likely a million scenarios in which this could have happened
However a couple of way this can happen
If the original Email remained in its original location, the email in the other mailbox would be a copy
There’s not many ways a email can be copied into another users mailbox
user could have accidentally copied it, or possibly used shortcut keys on the keyboard with Outlook being the active window resulting in some of them being copied.
So could have just been user error
Another way this could have happened is if the Fax Mailbox had accidentally been added as a delegate to the Users Mailbox.
If the emails were meeting related, the Delegate Mailbox cold have very easily received a copy of the mail message as "Delegate Receives Copies of meeting related messages" is an option.
If the user has FULL Mailbox access, delegate access isnt really required
This is a long shot, but i suppose its possible
If the user had cached exchange mode on, and was checking the Fax Mailbox
Quite possible when in the Inbox View the Some of the fax emails were cached to the users inbox in their OST (Virtually a Copy) When closing out of the Fax Mailbox User OST may have synced the changes back to their inbox showing that copy
I would tend to think the crux of the issue here is likely the users FULL Access to the Mailbox and or vice versa
To start I would probably look at reviewing the access to both mailboxes
Look at the users needs
Look at what the Fax mailbox needs to do
If the user only needs to view mail items in the fax mailbox
Full Access to the Exchange Account is probably a bit over kill
You can provide the user Delegate access to the Fax Mailbox Inbox with reviewer access
Make sure calendar access is set to None, and delegate is not set to receive copies of meeting related messages
Personally, I probably wouldn’t make too big of an issue with this being a Security Threat
As its likely to have been user error, a delegate setting, or a result of a user or mailbox having FULL Access to an mailbox.
If it turns out to be one of these things might look a bit silly
However, unfortunately because the Mailbox was deleted and recreated its really hard to say exactly how this occurred after the fact.
However a couple of way this can happen
If the original Email remained in its original location, the email in the other mailbox would be a copy
There’s not many ways a email can be copied into another users mailbox
user could have accidentally copied it, or possibly used shortcut keys on the keyboard with Outlook being the active window resulting in some of them being copied.
So could have just been user error
Another way this could have happened is if the Fax Mailbox had accidentally been added as a delegate to the Users Mailbox.
If the emails were meeting related, the Delegate Mailbox cold have very easily received a copy of the mail message as "Delegate Receives Copies of meeting related messages" is an option.
If the user has FULL Mailbox access, delegate access isnt really required
This is a long shot, but i suppose its possible
If the user had cached exchange mode on, and was checking the Fax Mailbox
Quite possible when in the Inbox View the Some of the fax emails were cached to the users inbox in their OST (Virtually a Copy) When closing out of the Fax Mailbox User OST may have synced the changes back to their inbox showing that copy
I would tend to think the crux of the issue here is likely the users FULL Access to the Mailbox and or vice versa
To start I would probably look at reviewing the access to both mailboxes
Look at the users needs
Look at what the Fax mailbox needs to do
If the user only needs to view mail items in the fax mailbox
Full Access to the Exchange Account is probably a bit over kill
You can provide the user Delegate access to the Fax Mailbox Inbox with reviewer access
Make sure calendar access is set to None, and delegate is not set to receive copies of meeting related messages
Personally, I probably wouldn’t make too big of an issue with this being a Security Threat
As its likely to have been user error, a delegate setting, or a result of a user or mailbox having FULL Access to an mailbox.
If it turns out to be one of these things might look a bit silly
However, unfortunately because the Mailbox was deleted and recreated its really hard to say exactly how this occurred after the fact.
ASKER
The user in question never had this mailbox on thier outlook but his partner did. I'm thinking now that one of rules may gone bonkers. I need to check this because she's rules that have done some crazy things cause she set it wrong. It's possible that she had a rule that forward a copy of these emails in that box by accident. A longshot but an explanation. Even though this issue was fixed I just wanted an enquirey in case it happens again. ALso, the person in question was the vice president of the company and important emails went into a mailbox that others were not supposed to view. Nothing happened but certainly could have been a problem.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This is where I will look in the future. Thank you.
Does the users use any Handheld not sure if some settings change on it could cause the issue.
- Rancy