Hi I have a requirement in which I am supposed to do what is requested below. The idea is to take advantage of enhancements in Exchange 2007 SP2 (http://technet.microsoft.com/en-us/library/ee221156(EXCHG.80).aspx ). Basically not every security related event needs to be captured, instead only the following is needed to be done which will reduce our capture data and become more manageable. Well Third party app is not an option. Essentially the auditing has to be limited to only to the below two points. •Capture all events where a member of the administration team has opened a folder or message on another mailbox other than their own. •Capture all events where a member of the administration team has changed permissions on a mailbox other than their own. All help is appreciated.

Hi Access Auding will give option to gather below events only. Folder Access: lets you log events that correspond to opening folders, such as the Inbox, the Outbox, or the Sent Items folders Message Access: lets you log events that correspond to explicitly opening messages Extended Send As: lets you log events that correspond to sending a message as a mailbox-enabled user Extended Send On Behalf Of: lets you log events that correspond to sending a message on behalf of a mailbox-enabled user Access Auditing is controlled by diagnostic categories for the Microsoft Exchange information store. And there is no option to to enable Acces Auditing for specific Team or User Also, Permission changes wont be gathered using accessing Auditing..

Read this link, similar here, it may be tht you will need exch 2010 - http://social.technet.microsoft.com/Forums/en-US/exchangesvrsecuremessaging/thread/d70f1043-bca2-40ad-b712-63dc83b50ed9/Sukh