Check event logs for event ID 1016 which tells you if someone other than the owner of the mailbox has accessed the mailbox.
You should also divide up your Exchange admins. One group has top level access to the entire organization (service account admin). One group has access to only servers in a site. And the final group is delegated only the right to create mailboxes and DLs. Laurent -----Original Message----- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 05, 2002 5:46 AM To: MS-Exchange Admin Issues Subject: RE: MS Exchange Server 5.5 Security Issue Three things: Check your event logs, limit admin access, fire anyone in IT you don't trust. IM not kidding. IT is one of the most powerful positions in a company, and if you don't trust your people, you have a serious problem. -----Original Message----- From: cslee [mailto:[EMAIL PROTECTED]] Sent: Monday, February 04, 2002 11:54 PM To: MS-Exchange Admin Issues Subject: MS Exchange Server 5.5 Security Issue Hi, Our company is using MS Exchange Server 5.5. I'm looking for an NT utilities that could help me to track any illegal users that logging into others people mailbox. This is a very important issue for security. Just imagine, if an IT staff that had the administration permission (service account) on MS Exchange Server 5.5, he/she could view whoever mailbox, including the managing director mailbox. So, could somebody provide me a solution of providing the tracking report for illegal users, that open others people mailbox? If he/she is NOT the owner of the mailbox, the tracking report will be provide and alert message will be sending out. Thanks. > Regards, > Lee Choon Sim > IT Department > List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm