Disable Option To Open Other User's Folders in Outlook

Good Afternoon,

We have a Windows environment with a SBS 2011 server with Exchange 2007.

There is one Outlook 2007 user in particular who for some reason, her email folders can be seen by other Exchange users if they Open it (File -> Open -> Other User's Folder.) When I tested this with other users, it was possible to view everyone's folders.

I looked in the Exchange Management Tool but I didn't see any signs of these folders being shared. I looked in her Outlook Security settings and I noticed that "Authenticated Users" are allowed to "Read Exchange Information", among other permissions.

My question is... Are there other security settings (client side or server side) that can prevent users from viewing each others' email folders?
Who is Participating?
mfriederConnect With a Mentor Author Commented:
Yes, I looked into her Outlook app and in the properties for her Inbox it had "Default" with the "Owner" level access. I deleted Default and added her own username as "Owner" and it worked. Now even if someone pulled up her inbox, they won't see anything.
Hypercat (Deb)Commented:
You have Exchange 2007 running on an SBS2011 server?  That's unusual and I'm going to assume that this means that it was a manual install of some kind, not installed as part of the SBS2011 installation, which includes Exchange 2010.  

It sound to me as though there's some type of misconfiguration here.  The only way that a user would be able to open another user's mailbox folders would be for them to be given explicit permission at the Exchange mailbox level or by a user setting permissions in Outlook.  So, there are two places to look:

1.  In the Exchange System Management console, drill down to the mailbox level.  Right-click one of the problem mailboxes and go to Manage Full Access Permissions. Check the list to see if certain users or a group that includes all users is on this list.  Do the same with the Manage Send As Permissions.

2.  If you don't find anything there, then go to the user's Outlook application, right-click on their top-level mailbox and go to Properties. Look at the Permissions tab for any users that have rights to open this folder. Do the same with other folders within Outlook to find any locally set permissions.

There's a third place to look, but that's a bit more complicated, so for now just check those two areas.

I'm not sure what you're referring to as "Outlook Security."  If you mean the security settings on the user's active directory account, it is normal for Authenticated Users to have Read Exchange Information permissions to every mailbox.
mfriederAuthor Commented:
Because I figured it out.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.