Exch2007: Server-side mailbox rules still run with account disabled
in [Microsoft Exchange]
|
From: Peter Venkman on 25 Jun 2010 14:16 Hi, It looks like this may be alarming be an alarming flaw in Exchange security at least for my company's processes in regards to term'ed employee mailboxes. If somebody sets up a server-side rule that forwards all their incoming to an external address, that rule stays active even after disabling the mailbox. Is there a way to prevent this globally, or are we going to need to manually go into every single mailbox of people who leave the company and clear rules? Thanks. PVD
From: M on 25 Jun 2010 16:23 Hello: You can disallow automatic forwarding of e-mails to external addresses globally, but I'm not aware of anything to automatically delete or disable rules when an account is disabled. There's a legitimate reason for allowing rules on disabled accounts/mailboxes. If you set up a resource mailbox (which has a disabled AD account), you might need to set up some rules on that. -- Regards, M MCTS, MCSA http://SysAdmin-E.com "Peter Venkman" <pauldi(a)iona.com> wrote in message news:0130ecc4-d662-4222-b3ef-4becfa00d715(a)b35g2000yqi.googlegroups.com... > Hi, > > It looks like this may be alarming be an alarming flaw in Exchange > security at least for my company's processes in regards to term'ed > employee mailboxes. If somebody sets up a server-side rule that > forwards all their incoming to an external address, that rule stays > active even after disabling the mailbox. Is there a way to prevent > this globally, or are we going to need to manually go into every > single mailbox of people who leave the company and clear rules? > Thanks. > > PVD
From: Rich Matheisen [MVP] on 25 Jun 2010 17:12 On Fri, 25 Jun 2010 11:16:08 -0700 (PDT), Peter Venkman <pauldi(a)iona.com> wrote: >It looks like this may be alarming be an alarming flaw in Exchange >security at least for my company's processes in regards to term'ed >employee mailboxes. If somebody sets up a server-side rule that >forwards all their incoming to an external address, that rule stays >active even after disabling the mailbox. Is there a way to prevent >this globally, or are we going to need to manually go into every >single mailbox of people who leave the company and clear rules? >Thanks. Delete the mailbox. Done! --- Rich Matheisen MCSE+I, Exchange MVP
|
Pages: 1 Prev: Migration from Exch2003 --> 2010 Next: change display name |