how can i secure my default mailbox in outlook 2003.

[Guest]

i use microsoft outlook for with excahange server for accessing my internal
mails. i have configured the users in my exchage server.
when i am trying to access thru outlook. it asks me for login name and
password.
but even if i click on the cancel button, it is allowing me to access the
existing inbox, sent items etc. in fact my entire mailbox. only thing i will
not be able to do is i will not be able to send or receive any new mails.
i should not be allowed to get into my mailbox until i give my password.
would anyone of you please help me out in this

 

[Guest]

Normally, outlook is configured to open the default mailbox, which should be
the mailbox of the logged-in user. Normally you should not be asked any
password since Outlook uses the same password than the Windows Active
Directory password...
I guess you are working in exchange cached mode, which would explain why you
can see existing data in your mailbox. - What do you see on the lower right
side of the outlook status bar?
If you gave a little more information about versions and setup for windows
and outlook profiles it might be easier to solve your problem

 

[Brian Tillman]

i use microsoft outlook for with excahange server for accessing my
internal mails. i have configured the users in my exchage server.
when i am trying to access thru outlook. it asks me for login name and
password.
but even if i click on the cancel button, it is allowing me to access
the existing inbox, sent items etc. in fact my entire mailbox. only
thing i will not be able to do is i will not be able to send or
receive any new mails.
i should not be allowed to get into my mailbox until i give my
password. would anyone of you please help me out in this

Why do you view this as a problem? Since you are the only one who knows
your WIndows credentials and because you always screen-lock your PC or log
off when you're not at it, then no one else can start your Outlook when
you're not there. If they can, then you've got a bigger problem than
Outlook showing your mailbox cache.

 

[ugfrog]

Ani,
I just discovered the same thing. I was helping my wife with something on
the computer when she accidentally clicked on Outlook. I have Outlook set to
open in my Hotmail inbox. By the time she realized she had clicked on the
Outlook button instead of the Word button, the dialog box for logging in had
presented itself. She clicked on "Cancel" and instead of having Outlook shut
down, my Inbox was displayed. She shut it down at that point, but since
then, I've experimented and found exactly what you have seen -- namely that
anyone who wants to see anything in my e-mail folders can do so simply by
clicking "Cancel" when asked to log in. That isn't SECURITY at all - it's an
invitation for others to peruse my stuff which is supposed to be
password-secured!
Brian Tillman suggested that this shouldn't be an issue. Well, it's not
except for two things: #1, everyone in this family uses the computer WITHOUT
different user LOGONs. #2, especially now, near my wife's birthday, I have
e-mails that will (just by their subject lines) tell her at a glance what I'm
getting her for her birthday. She loves surprises, but just from that
glance, she may very well know what I'm getting her. Besides, being a
mainframe computer programmer myself, I've never seen an application that is
secured by a logon routine that can be accessed simply by supplying NO
password, or worse yet, by hitting "Cancel", then being allowed access to
what is supposed to be secure. Microsoft, I think you've got a BUG here!

 

[Brian Tillman [MVP - Outlook]]

Brian Tillman suggested that this shouldn't be an issue. Well, it's not
except for two things: #1, everyone in this family uses the computer
WITHOUT
different user LOGONs. #2, especially now, near my wife's birthday, I have
e-mails that will (just by their subject lines) tell her at a glance what
I'm
getting her for her birthday.

If you're concerned AT ALL about this, then you'd make sure everyone has his
or her own user login. What you describe is like a patient of a doctor being
concerned about his bacterial infection but telling the doctor that he won't
use the prescribed medicine.

She loves surprises, but just from that
glance, she may very well know what I'm getting her. Besides, being a
mainframe computer programmer myself, I've never seen an application that is
secured by a logon routine that can be accessed simply by supplying NO
password, or worse yet, by hitting "Cancel", then being allowed access to
what is supposed to be secure. Microsoft, I think you've got a BUG here!

No bug at all. Outlook is designed to be used both offline and online. By
cancelling the online credentials, you've instructed Outlook to work offline
and it appropriately gives the user access to the data already on disk.

 

[Uli Maui Tech Guru]

I'd still say that there should be a way to run multiple outlook profiles
with cached exchange under same windows login and have password protection
for the .OST file as there normally is for the stand alone .PST file. ...

I have a client with 4 retail stores, with total 35 users using same windows
logins for the store so POS + store documents can function with ease, but
with individual Exchange mailboxes. This is on remote locations so hence
Cached Exchange is needed to optimize speed of use. ....

Simply put; I consider it a security flaw that Outlook cannot lock down
offline folders if the Exchange password dialog is cancelled.