We have and exchange server running on an NT 4.0 server. We are on a Novell network and use the NT authentication to log on to outlook for our e-mail. Within profiles in outlook, if you type in another users mailbox, it will let you log onto that mailbox. Also, under file in outlook, you can open special folder and open anyone's inbox. What security am I missing and where should it be set?
This conversation is currently closed to new comments.
It sounds like your default permissions are set to something other than 'None' for the mailboxes. Each mailbox should be owned by a particular account, and should be allowed access by nobody else. You may have used the 'Everyone' group in the administrative access.
At the server, review the properties of your Exchange server site, paying particular attention to anything which seems to be a list of users (other than the recipients list). You will probably find that you have granted global owner access to everyone somewhere.
This answer steered me in the right direction. I removed the nt user rights from the site container and the recipient container and the security problem seems to have cleared up. Thanks for steering me in the right direction.
If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.
Outlook Mailbox Security Exchange Server