Zimbra

Bingo · #21 (**permalink**) 02-28-2007, 02:32 AM

Quote:

Originally Posted by chh

Perhaps I am a bit over concious on this point as we had some workshops for customers dealing with these things.

I don't understand why this feature is present in the UI in the first place, so why not just remove it ?
It seems easy to do (sorry if it is not, since I have no knowledge of the admin-UI's complexity).

I also agree that this feature is not illegal, but as you mentioned it is uselessly tempting !

dkarp · #22 (**permalink**) 02-28-2007, 10:26 AM

Quote:

Originally Posted by Bingo

I don't understand why this feature is present in the UI in the first place, so why not just remove it ?
It seems easy to do (sorry if it is not, since I have no knowledge of the admin-UI's complexity).

It's present because it solves a significant fraction of user calls to the mail admin. Zimbra admins generally find this feature extremely useful -- it helps them do their jobs. Removing it would cause a huge number of support calls demanding that we put it back.

schemers · #23 (**permalink**) 02-28-2007, 10:42 AM

We should minimally provide an option to disable it, but ultimately it will be fixed when we finally get to fine-grained access control. You'll be able to specifically grant/deny access to it.

Bingo · #24 (**permalink**) 03-01-2007, 12:34 AM

Quote:

Originally Posted by dkarp

It's present because it solves a significant fraction of user calls to the mail admin. Zimbra admins generally find this feature extremely useful -- it helps them do their jobs. Removing it would cause a huge number of support calls demanding that we put it back.

OK, maybe Zimbra Admins are very curious people ?

Having an option to disable it would be very nice though !

preem · #25 (**permalink**) 03-01-2007, 01:31 AM

Quote:

Originally Posted by schemers

We should minimally provide an option to disable it, but ultimately it will be fixed when we finally get to fine-grained access control. You'll be able to specifically grant/deny access to it.

exactly, i totally agree on this one. The 'top' admin, has and needs this function, whether he uses or not, is his decision and nobody else's. It's like blaming the knife manufacturer for selling the kitchen knife to a serial killer. Its not the issue of law here, its the issue of moral. And that is based on individual him self.

I hail the fine-grained access and will restrict other admin's to this feature, but i think the top admin should have this feature at least available if not enabled.

Bingo · #26 (**permalink**) 04-06-2007, 03:31 AM

Could someone explain here what I should change and in which file(s) in order to simply remove the "view mail" link from the administration interface ?
I tried to grep this from the Zimbra folder, but I think that the server's architecture is beyond my understanding...

Thanks a lot !

jross-racemi · #27 (**permalink**) 03-11-2008, 10:29 AM

I do NOT want my execs wondering if I'm reading their mail. I'd like to be able to kill this feature. Is there a way yet?

perhaps it should be offloaded into a zimlet?

Bill Brock · #28 (**permalink**) 03-11-2008, 10:50 AM

I've never seen a mail server where the admin couldn't read mail. They all have this feature.

Perhaps you should setup encryption in your bosses e-mail client, if he uses one.

gmsmith · #29 (**permalink**) 03-11-2008, 10:59 AM

Quote:

Originally Posted by jross-racemi

I do NOT want my execs wondering if I'm reading their mail. I'd like to be able to kill this feature. Is there a way yet?

perhaps it should be offloaded into a zimlet?

Well, if you are the go to guy, they better trust you...or there is a bigger issue. As someone said, reading mail is generally a feature of all mail systems. You could ways make your account a "domain" admin which doesn't provide for general email reading, but of course that doesn't prevent you from being able to read the messages from CLI.

dwmtractor · #30 (**permalink**) 03-11-2008, 04:28 PM

I understand the concerns some of you are expressing, but I would definitely be one of the admins who would NOT like to lose the right-click view mail feature. Like many U.S. businesses, we have a printed all-employee computer policy which states essentially that the computer, its data and all accounts belong to the company and are furnished for company business. If the employee wishes to use any of this technology on a limited basis for his/her personal communication we do not prohibit it, but we express clearly that he/she has no expectation of privacy and anything done on company equipment can and may be monitored by management. Just to make it perfectly clear, our policy ends with this simple, plain-English statement:

Quote:

If you don't want us to know about it, don't do it on a company computer!

This sort of policy has been tested in the courts many times in the U.S. and has been upheld, so long as the policy is clear and provided to all employees.

I also agree with gmsmith--if your managers don't trust you with their information they are either naive or need to hire a new I.T. person, because except for encrypted information, the I.T. manager is going to have access to pretty much anything on the system anyhow.

But I do understand the desire to be able to delegate that power to some, but not all, who have other administrative roles. I would advocate that it be a switchable option, not that it be eliminated.

Cheers,

Dan

Zimbra

Downloads

Product Information

Toolbox

Why Join?