On Fri, Jul 12, 2013 at 5:23 PM, Bruce Pinsky <bep@whack.org> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
While that would secure the connections from snooping if you're mailboxes are on Office 365 and those mailbox stores do not exits on an encrypted LUN then a service can easily read the Exchange database; anyone with server access can read mail across all mailboxes. In fact, Microsoft supports
type of setup with impersonation, e.g. a global user that can query any mailbox it has permissions to within Exchange. This is how some EWS integrated applications work. It wouldn't be that far fetched for the NSA to incorporate the same type of query to monitor the mailboxes -- even subscribing to change notifications so it only queries and collects when a new mail item has arrived. Additionally, Office 365 can simply create a journal rule and have all inbound / outbound mail journal to a location that makes it easier for snoops to look through the messages, e.g. an external SMTP endpoint, all without the end customers' knowledge.
If anyone has any questions on Exchange they, too, can contact me off
Matt Baldwin wrote: this list.
Just my 2-cents.
Any what's to say that email addresses at Office 365 aren't just mailing lists where you get a copy and so does $FEDAGENCY. That's how my kids' email addresses work at home :-)
- -- ========= bep
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlHgc98ACgkQE1XcgMgrtyYZhgCg3CO8DJfFDXJWj8W6JuasjeOf VeQAnRmhMfhyp5M7S81fxagW96ZGWoCH =LDSL -----END PGP SIGNATURE-----
You spy on your kids? I thought not being able to put a lock on my door was bad... N.