User rights in regards to policy violations

  • From: "Marvin Cummings" <mcummings@xxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 12 Dec 2003 10:41:54 -0500

Have a sticky situation where I'm asked to navigate through a users
email to see if I can locate any wrong-doings; ie replying to any spam
sent from "questionable sites". The mail is stored on the server and I
know this users password so I would like to know if there are any
implications that can come from me logging in as this user and viewing
his mail? It's my understanding that this user initially spearheaded the
campaign to have policy created to prevent users from accessing
"questionable sites" and viewing prohibited content, so it would seem
that he'd be aware of the consequences. 
This is a first for me and I've seen postings like this before so I'd
like to get an idea of how most handle these particular situations. What
procedures, if any, should be followed to ensure that the users rights
aren't violated or that the IT department doesn't come under fire?

Other related posts: