Exch2007: Server-side mailbox rules still run with account disabled

Status
Not open for further replies.
P

Peter Venkman

Hi,

It looks like this may be alarming be an alarming flaw in Exchange

security at least for my company's processes in regards to term'ed

employee mailboxes. If somebody sets up a server-side rule that

forwards all their incoming to an external address, that rule stays

active even after disabling the mailbox. Is there a way to prevent

this globally, or are we going to need to manually go into every

single mailbox of people who leave the company and clear rules?

Thanks.

PVD
 
M

M

Hello:

You can disallow automatic forwarding of e-mails to external addresses

globally, but I'm not aware of anything to automatically delete or disable

rules when an account is disabled.

There's a legitimate reason for allowing rules on disabled

accounts/mailboxes. If you set up a resource mailbox (which has a disabled

AD account), you might need to set up some rules on that.

Regards,

M

MCTS, MCSA

http://SysAdmin-E.com

"Peter Venkman" <pauldi@iona.com> wrote in message

news:0130ecc4-d662-4222-b3ef-4becfa00d715@b35g2000yqi.googlegroups.com...
> Hi,

> It looks like this may be alarming be an alarming flaw in Exchange
> security at least for my company's processes in regards to term'ed
> employee mailboxes. If somebody sets up a server-side rule that
> forwards all their incoming to an external address, that rule stays
> active even after disabling the mailbox. Is there a way to prevent
> this globally, or are we going to need to manually go into every
> single mailbox of people who leave the company and clear rules?
> Thanks.

> PVD
 
R

Rich Matheisen [MVP]

On Fri, 25 Jun 2010 11:16:08 -0700 (PDT), Peter Venkman

<pauldi@iona.com> wrote:


> It looks like this may be alarming be an alarming flaw in Exchange
> security at least for my company's processes in regards to term'ed
> employee mailboxes. If somebody sets up a server-side rule that
> forwards all their incoming to an external address, that rule stays
> active even after disabling the mailbox. Is there a way to prevent
> this globally, or are we going to need to manually go into every
> single mailbox of people who leave the company and clear rules?
> Thanks.


Delete the mailbox. Done!

-
Rich Matheisen

 
M

mikee

Re: Exch2007: Server-side mailbox rules still run with account di

What if you set the send/receive mail settings to zero on the users profile,

would that prevent emails from being forwarded via a rule?

"Rich Matheisen [MVP]" wrote:


> On Fri, 25 Jun 2010 11:16:08 -0700 (PDT), Peter Venkman
> <pauldi@iona.com> wrote:
>
> >It looks like this may be alarming be an alarming flaw in Exchange
> >security at least for my company's processes in regards to term'ed
> >employee mailboxes. If somebody sets up a server-side rule that
> >forwards all their incoming to an external address, that rule stays
> >active even after disabling the mailbox. Is there a way to prevent
> >this globally, or are we going to need to manually go into every
> >single mailbox of people who leave the company and clear rules?
> >Thanks.


> Delete the mailbox. Done!
> -> Rich Matheisen
>
> .
>
 
J

John

Re: Exch2007: Server-side mailbox rules still run with account di

enable teh user account. Change teh password. log in as that

user....delete rules.

Disable teh account.

"mikee" <mikee> wrote in message

news:32024EE8-D142-4248-8C2A-1568F321375A@microsoft.com...
> What if you set the send/receive mail settings to zero on the users
> profile,
> would that prevent emails from being forwarded via a rule?

> "Rich Matheisen [MVP]" wrote:
>
> > On Fri, 25 Jun 2010 11:16:08 -0700 (PDT), Peter Venkman
> > <pauldi@iona.com> wrote:
> >
> > >It looks like this may be alarming be an alarming flaw in Exchange
> > >security at least for my company's processes in regards to term'ed
> > >employee mailboxes. If somebody sets up a server-side rule that
> > >forwards all their incoming to an external address, that rule stays
> > >active even after disabling the mailbox. Is there a way to prevent
> > >this globally, or are we going to need to manually go into every
> > >single mailbox of people who leave the company and clear rules?
> > >Thanks.

>

>> Delete the mailbox. Done!
> > -> > Rich Matheisen
> >
> > .
> >
 
P

Peter Venkman

Re: Exch2007: Server-side mailbox rules still run with account di

Thanks all.

As for the legitimate reason for allowing rules on mailboxes, I'd

agree. Resource mailboxes should certainly allow rules to be run

while disabled. User mailboxes... I don't agree with. Since

Exchange 2007 differentiates between the two, I see it as a flaw.

Thanks for the rest of suggestions. We have Forefront, so we can

filter outgoing mail through a blocked sender list. It just adds an

extra step to the term process. Unfortunately, we have to keep them

disabled but not deleted per company policy for 30 days and some have

server-side forwarding in place to managers/replacements.

PVD
 
P

Peter Venkman

Re: Exch2007: Server-side mailbox rules still run with account di

Thanks all.

As for the legitimate reason for allowing rules on mailboxes, I'd

agree. Resource mailboxes should certainly allow rules to be run

while disabled. User mailboxes... I don't agree with. Since

Exchange 2007 differentiates between the two, I see it as a flaw.

Thanks for the rest of suggestions. We have Forefront, so we can

filter outgoing mail through a blocked sender list. It just adds an

extra step to the term process. Unfortunately, we have to keep them

disabled but not deleted per company policy for 30 days and some have

server-side forwarding in place to managers/replacements.

PVD
 
P

Peter Venkman

Re: Exch2007: Server-side mailbox rules still run with account di

Thanks all.

As for the legitimate reason for allowing rules on mailboxes, I'd

agree. Resource mailboxes should certainly allow rules to be run

while disabled. User mailboxes... I don't agree with. Since

Exchange 2007 differentiates between the two, I see it as a flaw.

Thanks for the rest of suggestions. We have Forefront, so we can

filter outgoing mail through a blocked sender list. It just adds an

extra step to the term process. Unfortunately, we have to keep them

disabled but not deleted per company policy for 30 days and some have

server-side forwarding in place to managers/replacements.

PVD
 
Status
Not open for further replies.
Thread starter Similar threads Forum Replies Date
K Mailbox Calendar Events Randomly Change - Exch2007 Exchange Server Administration 2
O how can i find who is deleting apointments on calendars (exch2007) Using Outlook 1
O apointments appear to be from assistant instead of manager (exch2007) Using Outlook 1
S Mailbox database migration required time Exch2003 to Exch2007 vs. Exch2003 to Exch2010 Exchange Server Administration 3
J Moved many emails to Outlook external folder, need to delete on Gmail server Using Outlook 13
icacream Enter your user name and password for the following server. Using Outlook 5
T How can Exchange be configured to sync/push one-way so that the server data can't be affected Exchange Server Administration 0
F outlook.com Exchane Server corrupts data Since September 2019 Using Outlook.com accounts in Outlook 6
llama_thumper Setting up forwarders on Exchange server Exchange Server Administration 0
W Encrypted connection to server refused Using Outlook 0
B Server errors Outlook 2007 Using Outlook 1
M Outlook 2016 Requesting data from server Using Outlook 0
R Copy Outlook Public Folders to a File Server Shared Folder Using Outlook 0
I IMAP - are emails dynamically fetched from server as required? Using Outlook 2
CWM030 Name Server's Exchange Server Administration 15
CWM030 Archiving ON the imap server Using Outlook 3
G How to have domain client use owa server instead of exchange server while connect to network Using Outlook 1
GaryW88 2016 Archiving IMAP keeping mail on Gmail Server Using Outlook 1
R Would creating a new profile cause Outlook to download all the old mails from the server? Using Outlook 1
P Microsoft Outlook is requesting data from the server Using Outlook 2
J Old unread emails on current date (MDaemon Server) Using Outlook 1
E Duplicate, nested account folders on ATT server Using Outlook 10
Cdub27 Your changes to this item couldn't be saved because Server Denied Operation (HTTP 403 Forbidden) Using Outlook 1
O Outlook 2016 0x800CCC0F 'The connection to the server was interrupted' Using Outlook.com accounts in Outlook 1
crazyboy Problems connecting to BCM on Server Using Outlook 2
M Problems Downloading Content from Server(s) Using Outlook 0
K IMAP Server Wants to alert you to the following: cannpt rename system folder Using Outlook 1
T Uploading Outlook 2016 Contacts to Exchange Server Drops "Company" field data in 30% of records Exchange Server Administration 4
Diane Poremsky Archiving Tools for Exchange Server New Slipstick.com Articles 4
Diane Poremsky Changing the Message Size in Exchange Server New Slipstick.com Articles 0
R Outlook 2007 - Shared Accounts and Resources without Exchange Server Using Outlook 0
J IMAP server Using Outlook 0
Diane Poremsky Exchange Server Updates March 2016 New Slipstick.com Articles 0
J Your IMAP server wants to alert you to the following: cannot remove system folder Using Outlook 3
oliv- "Online mode with Exchange server" vs "online" Exchange Server Administration 2
W Deleting Emails from the Server in Outlook 2016 Using Outlook 2
B Outlook not deleting messages from server Using Outlook 0
I Random Chinese characters in email copied from a pst file. Exchange Server 2016 Public Folder Exchange Server Administration 1
M Outlook 2010 Error: Your IMAP server closed the connection Using Outlook.com accounts in Outlook 1
Diane Poremsky Save Sent Items in Shared Mailbox using an Exchange Server Cmdlet New Slipstick.com Articles 0
K IMAP Subfolders missing after migrating to new server Using Outlook 0
Diane Poremsky Exchange Server and SMTP Servers New Slipstick.com Articles 0
J Leave mail on server when Outlook off Using Outlook 0
B Can't Connect to Office365 Exchange Server Exchange Server Administration 2
Ascar_CT Outlook.com transition to Exchange Server on the back-end Using Outlook.com accounts in Outlook 0
E I have had a total server crash. Exchange Server Administration 2
Diane Poremsky Common Outlook Outgoing Server (SMTP) Errors New Slipstick.com Articles 0
Diane Poremsky Exchange Server Usage, Reporting, and Analysis Tools New Slipstick.com Articles 0
Diane Poremsky Exchange Server Migration Tools New Slipstick.com Articles 0
L Outlook clients did not reconnect to Exchange when one CAS server in CAS array became unresponsive Exchange Server Administration 1
Similar threads


















































Top