Outlook – access to inbox permissions

0 pts.
Tags:
Email permissions
Outlook
Outlook permissions
Is there a faster way of verifying that any given user is not able to access any other user's outlook inbox without having to test every mailbox? If a user wants to give permissions to another user to view their calendar, or tasklist etc., that is ok. I just want to make sure no one can share their inbox. Platform: Outlook 2000 with Exchange Server 2003 Thank you.
ASKED: December 26, 2006  2:30 PM
UPDATED: February 5, 2009  8:38 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

I do not believe that there is any way you can prevent a user from sharing his inbox with another user or a number of users. However, so long as “send on behalf of” or “send as” permissions are not granted by an Exchange administrator, the user with access will not be able to send messages as the other user.

What is your true concern here? Is it the sending of messages as another person, or is it the deletion of messages from another’s inbox?

Discuss This Question: 6  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Petroleumman
    Hello, When you create a new mail enabled user account in AD, mailbox rights are assigned to 'self' which give appropriate permissions to the mailbox owner. No other domain users will be authorized access by default. Granting access to another user can be done either by the mailbox owner through Outlook or by an Administrator through AD => user properties => Exchange Advanced tab => mailbox rights. If you have a default mailbox configuration then your users mailboxes should be safe from outside access. If someone has reported access by another user, check the permissions described above and edit as needed. Good luck!
    0 pointsBadges:
    report
  • Jmello
    Thank you guys for your reply. The issue of concern is that it was found that certain users were able to view the inbox of a high level management employee who deals with confidential matters on a regular basis. Even though they cannot 'send as', they are not suppose to even be able to view the inbox. But the employee states that he never changed permissions on his inbox to allow others to view it. The permissions have been fixed so his inbox is ok now but now he wants a test done on every account to see if any users' inboxes are viewable by any other user. I was just wondering if there was a faster way of verifying this other than performing a File-Open- Other user's folder for every user. Could I apply permissions to the 'Everyone' group and accomplish the same thing? Thanks.
    0 pointsBadges:
    report
  • Stevesz
    You do not say where the permissions were changed. Were they changed by this manager, or were they changed in Exchange by an administrator? If they were changed by this manager, end of story. He would be the only one, someone he gave his username and password to, who could have made the changes to allow other users to see his inbox. If the change was made by an administrator at the Exchange level, there should be a "paper trail" of the request for the change--his original request, as well as the date of the change and who the change affected--on file somewhere. If you have a manager over you, let your manager know the status of this situation, and have the other manager go through him to make his request, and your manager should be able to deflect it. The hardest thing in the world is to prove a negative ("When did you stop beating your wife?").
    2,015 pointsBadges:
    report
  • Qlasss
    You can write a script to dump ACLs. Here's one write up on this method: http://gsexdev.blogspot.com/2005/06/reverse-permissions-audit-scripts-part.html
    0 pointsBadges:
    report
  • Qlasss
    You can write a script to dump ACLs. Here's one write up on this method: http://gsexdev.blogspot.com/2005/06/reverse-permissions-audit-scripts-part.html
    0 pointsBadges:
    report
  • chillsyll
    I have noticed that when I log on mail sent is already opened (not by me)......is this possible and who would have access to do that?
    10 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following