Employee is about to be canned and management wants to see what/if she is sending.

[thecomputerguy]

I know there are legal implications behind this but her incoming emails are already being forwarded to someone else for review. Management wants anything she sends to get BCC'd to the same person who is receiving her incoming email.

Her email is already backed up by DropSuite but they want a live indication that she is sending mail. Would this transport rule inform her in any way that her sent emails are being monitored?

 

[callthatgirl]

Question, can't you/IT or the boss just add their email to their Outlook to read all the email in and out?

 

[Sky-Knight]

The rule does as you describe, but read and manage perms for the mailbox does the same. Unless you think she's deleting stuff from the sent items folder before they can be seen.

 

[YeOldeStonecat]

Combination of "never delete" policy....and, just give the boss delegated access to the mailbox. Her mailbox will automatically appear in the bosses Outlook (just like a shared mailbox does)

 

[thecomputerguy]

Question, can't you/IT or the boss just add their email to their Outlook to read all the email in and out?

The rule does as you describe, but read and manage perms for the mailbox does the same. Unless you think she's deleting stuff from the sent items folder before they can be seen.

Combination of "never delete" policy....and, just give the boss delegated access to the mailbox. Her mailbox will automatically appear in the bosses Outlook (just like a shared mailbox does)

I guess that's what I'll do. These are the kind of people where I give them access to her mailbox and they forget how to use it 10 minutes later... So I figured if I could give them a live action play by play they'd actually pay attention.

 

[callthatgirl]

lol, I like doing things the easy way.

 

[YeOldeStonecat]

When MFA is involved (which...hopefully it is here)..this is the easiest way, and most reliable.
And quickest....the least effort for me, I just tickle the delegate access through the admin portal of their 365 tenant...don't have to remote into any end users devices, don't have to go molest & manipulate another user accounts MFA, etc.

 

[Markverhyden]

I thought this is exactly why they have Litigation Hold. But the eu may not have the correct license.

 

[Sky-Knight]

When MFA is involved (which...hopefully it is here)..this is the easiest way, and most reliable.
And quickest....the least effort for me, I just tickle the delegate access through the admin portal of their 365 tenant...don't have to remote into any end users devices, don't have to go molest & manipulate another user accounts MFA, etc.

The rule above can be created as a mail flow rule in the Exchange admin panel, I wouldn't create such a rule on a mailbox if I wanted to do things this way.

But it is much more difficult than simply granting read and manager permissions.