As part of a security audit (exchange 2003), whereby you have some HIGHLY sensitive mailboxes, what access control lists need to be reviewed to rull out every possible avenue whereby someone could get to the mail content? I no in aduc you can check mailbox rights in exchange advabnced tab, there are some scripts that can view any misconfigurations set via "delegate rights" in outlook, but there must be other paths to get to the mailbox, potentially. What else must be reviewed in terms of access control lists for full assurance on who can/could access highly sensitive mailboxes ?

Run LDIFDE to see if there is any delegate, and run DSACLS to get the AD permission.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.