Disable Admin View Mail

[ArcaneMagus]

Quote:

Originally Posted by uxbod

You are correct in your assumption Dan My exposure to this sort of functionality has come through SOX gap analysis. And yes it should be optional as not everybody would require it. Perhaps it would suffice if the source user and target mailbox were just logged, so in the event of somebody querying it could be checked?

Hmmm, got me thinking now. Does ZM log when a mailbox has been accessed ? perhaps this could be shown on the email page of the webclient/desktop above the amount of storage used ?

Just a note about the logging of said access that a lot of you might be intereseted in:

Code:

/opt/zimbra/log/audit.log

This file stores a log of all admin actions taken as well as logins to the server.

Code:

grep DelegateAuth /opt/zimbra/log/audit.log

This will show you all uses of the "View Mail" button.

This log file keeps track of the IP address, User Agent of the browser, User that the admin is logged in as, and the account that they are viewing.

Hope this helps somebody...

[livioojose]

I read all the reply and I think the best solution would be to put the feature "View Mail" as Admin Extensions (or at most as Zimlets). So all the thousands of people who love can continue to use this functionality. And the few people who disagree with this functionality can also be satisfied.
Over the past 5 months I am preparing the infrastructure and users for the migration of our mail servers (500 accounts and four domains). But unfortunately with the discovery of this feature, we cancel the migration, because it impedes our definition of information security.
I also read about information that all mail servers offer this functionality, I disagree and exemplified with MS Exchange.
I would appreciate if there was a way to disable this feature.

I apologize if my English is not 100% correct.