In exchange 03 you can go to the Exchange System Manager, then navigate to the email server where the questionable account resides, then navigate to the mailboxes on that server, when it pulls the list of mailboxes on that exchange server, it will also show a last logged in by column. We have caught a person accessing other users email account this way. Of course all admins have these rights by default.

One thing to keep in mind is that you have to check the access pretty quickly if you are using volume shadow copy to snapshot your information store and/or if you are using certain backup products.

These tools reset the last login by info that Exchange03′s system manager reports – the ‘fallow’ email accounts I have currently all show last login by the account the backup runs as.

Pet geek is correct any services tied to the exchange server can log into an inbox for such instances as backing up. My suggestion was not intended to eliminate authorized admin users to the account, i.e. services that need an admin account such as a backup admin., but you can look and see users who are admins that should not be accessing the account. Of course you will only see the last login by, we caught a programmer (with admin rights) in our company logging into email accounts he did not have permission to, the only permission he had was his admin rights, another reason to deny roles and permission for only need be basis. Thanks Pet geek.

Hi,

Im also some of new learning, but from my experience, i know that the administrator can open your e-mail address without your permission. Look, in my company im like a Junior Administrator and from security reasons we cant leave the mail boxes without changing during 3 months at least, i means that you must changing your e-mail address after this time. Now, think like if i want to know what really happens about you or all secrets thats is inside of your mail box, i can login in server because im Administrator and look for your mail box, so the next step is just RESET YOUR PASSWORD, and put the default password to access your mail box to see everything that is inside.
As result, when you find and ask me the reason that you cant open your mail box, i will tell you that MAYBE IS READY EXPIRED and just give time to reset , and you will to believe me.
Offcourse that it works better if you have exchange server with outlook web access, and you can access from any place. Please my friends, it is just a Joke that i can do, but i never worker like that, and i realize that my Senior Admin works like that.
FROM MY SECURITY REASONS I NEVER LEFT ANY SECRET IM MY BOX, BECAUSE THAT BOX BELONGS TO COMPANY.

Thanx

betojoe1980, if you have something you need help with please sumit a new question. Thanks!