-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matt Baldwin wrote: > While that would secure the connections from snooping if you're mailboxes > are on Office 365 and those mailbox stores do not exits on an encrypted LUN > then a service can easily read the Exchange database; anyone with server > access can read mail across all mailboxes. In fact, Microsoft supports this > type of setup with impersonation, e.g. a global user that can query any > mailbox it has permissions to within Exchange. This is how some EWS > integrated applications work. It wouldn't be that far fetched for the NSA > to incorporate the same type of query to monitor the mailboxes -- even > subscribing to change notifications so it only queries and collects when a > new mail item has arrived. Additionally, Office 365 can simply create a > journal rule and have all inbound / outbound mail journal to a location > that makes it easier for snoops to look through the messages, e.g. an > external SMTP endpoint, all without the end customers' knowledge. > > If anyone has any questions on Exchange they, too, can contact me off list. > > Just my 2-cents.
Any what's to say that email addresses at Office 365 aren't just mailing lists where you get a copy and so does $FEDAGENCY. That's how my kids' email addresses work at home :-) - -- ========= bep -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlHgc98ACgkQE1XcgMgrtyYZhgCg3CO8DJfFDXJWj8W6JuasjeOf VeQAnRmhMfhyp5M7S81fxagW96ZGWoCH =LDSL -----END PGP SIGNATURE-----
