Manage Learn to apply best practices and optimize your operations.

How to manage a private e-mail address in Exchange 2003

Security practitioners share tools and tactics to help create and manage a private e-mail address in Exchange 2003.

The following question and answer thread is excerpted from ITKnowledge Exchange. Click here to read the entire thread or to start a new one.

ITKE member ocarmona posed this question:
Our CEO wants to use a private e-mail account while on his Blackberry, to reduce the amount of spam he receives. However, we don't want him to use a private e-mail account because if he uses a ceoPrivate@domain secondary mailbox, people can see his personal e-mail address. However, he is the CEO so we should comply. How would you handle this request?

ITKE member jcan123 advised:
I would provide him with two e-mail addresses: ceoPrivate and ceoBlackhole. Then, make ceoBlackhole his default SMTP address in Active Directory and that will be the address recipients will see. Since some e-mail systems check the senders e-mail domain, don't use ceoBlackhole@nonexistingdomain, rather use an account you control. If you choose to give the CEO an e-mail from a subdomain to ensure the obvious account remains unused, configure an event sink to "catch all" messages -- if you don't, Exchange will drop messages that cannot be delivered.

ITKE member Almac advised:
Our CEO also requested a "private" e-mail address. To make my life easier and keep him happy, I first verified that his current e-mail address was his primary account and published it in our internal directories. Then, I created an additional user account and associated mailbox. However, I did not publish this one and made sure that it did not appear in any internal or external distribution lists. Now, our CEO can release this address to anyone, and -- most importantly --he is in control.

More Information

Find tools and tactics to help your organization mitigate the risk of spam attacks.

Learn how mobile devices can harm your network and what you can do to prevent exploits

ITKE member jpciocon advised:
I would take this approach:

  • Explain that supporting one-offs is always not a good idea
  • Ensure that your anti-spam environment is solid and
  • Keep tabs on his mailbox.

ITKE member petkoa advised:
Regardless of how you solve this problem, don't forget to explain to him that if somebody he contacts gets an "e-mail-harvesting" bug, his private e-mail address, can and most likely will, be revealed.

ITKE member MrGee62 advised:
The easiest way to handle this is to create an additional Exchange mailbox, make his user account the primary account, and configure the Outlook profile so the account opens the mailbox you created for him. Next, make sure the "open additional mailboxes" option is seen by Outlook. Once Outlook adds this mailbox, it will remember it. Finally, hide the account you created, so that it doesn't appear in the global address list. However, please note, there is a catch: the CEO will not be able to open the hidden mailbox if Outlook Web Access is used.

This was last published in April 2006

Dig Deeper on BYOD and mobile device security best practices

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.