Hi, I would like to know more about the RETURN RECEIPT feature. I am aware that Notes will send me a return receipt when the recipient whom I send the email to reads the message. However, if I have been receiving some return receipt notification from someone in my office and yet none of these mails were sent nor copied to this person. Does that mean that he/she has been accessing my emails without my knowledge and hacking it? Please advise ASAP. Urgent. Thanks.
Subject: I would suspect the same thing…
I would suspect that the ACL for your recipient’s email permits that individual.
Double check the ACL to make sure that he default access is set to “no acces” OR if it follows your expected security needs.
Another thing, I suspect it may be some “nosy” system administrators triggering the return receipts. In some organizations that may be a severe offense if it is without legitmate reasons.
-Kyle Huang
Subject: I would suspect the same thing…
Hi Kyle,
Thanks for your speedy reply.
The person who has been accessing my email is a newly appointed assistant IT system adminstrator. With the return receipt notification recieved, does that mean that he/she has been and could read everyone’s email?
If yes, this is serious and I need to bring it up to the management.
Please advise.
Subject: access to mail
Keep in mind that this IT person may have said access for the purpose of troubleshooting issues…even issues you don’t know about, such as: clearing your message getting stuck in spam filters. Or they might have been asked by the recipient to help him figure out why he couldn’t read part of your message, or been asked by management to monitor your messages. All of these are legitimate reasons why an IT person might have access to your messages.
So, by all means, bring it up to management as a security concern. But do yourself a favor and propose it as a humble question worth of research. If you go in all “naughty IT guy”, you might look foolish.
Subject: consider private encryption keys features for securing email.
From re-reading your scenario, I would suspect your administrator was probably in the email of individuals that you sent emails to. When they open the email to read or go to the next message with a preview pane opened, it triggers your return receipt. They could have legitimate reasons such a troubleshooting, verifying, etc. However, some organizations do have problems with people thinking that they are “god-like” and overstep their boundaries.
There is really no reason to limit acceses to the email administrators in any system. Professional ones understand not to go poking when they do not have a legitmate reason. Having unprofessional administrators is another thing.
I think in case of securing communications, consider using private encryption keys. You can create them from the menus when you open up your ID file. The private keys can then be emailed (or by sneaker-net) where they can merge it into their ID file. Users with the key can read the message; users without should receive a blank field. The encrypted message, however, is contained in the body of the emails, and your “nosy” administrator could trigger off the return receipt without the ability to read the message.
Again, keep in mind that there could be legitimate reasons why the administrator is in the recipients email.
-Kyle Huang
Subject: Forwarded to development <>
DB/SC
Subject: Forwarded to development <>
Hi Lisa,
I don’t really understand your ocmment.
Please advise.
Thank
YM Teo
Subject: Internal comment…
Hi - That’s our process for keeping track of what our team is looking at. When someone here sees a posting and forwards it to the appropriate developers for a response, we log a comment like the one above, so other folks here know the issue is being looked at.
Subject:
most likely explanation is that the new it person was added to a group that the memo is being sent to.