Forum Discussion

RPN_WV's avatar
RPN_WV
Copper Contributor
Sep 04, 2024

Outlook Mobile Delegate can Access Private Items

Hello all,


I have the following challenge as an M365-Admin, please help me find a solution:


The management team in my company have assistants.

The assistants are given Full Access to the EXO Mailbox via the EXO AC.

 

When a person from management team is sending emails which are marked as private they (the assistants) connot see these emails on their desktop outlook client - but when they access the delegated mailbox via outlook for android or ios (or on the web), they can see/view the private messages.

 

what is the reason for that and how can i fix this?

 

Thanks in advance

  • Ankit's avatar
    Ankit
    Brass Contributor
    Hey!

    let sort this out !!

    The reason for this behavior is that the "Private" flag on an email in Exchange Online (EXO) is a client-side feature, not a server-side feature. This means that the "Private" flag is only respected by the Outlook client, not by the EXO server.

    When an assistant accesses the delegated mailbox via Outlook for Android or iOS (or on the web), they are accessing the mailbox directly on the EXO server, which doesn't respect the "Private" flag. Therefore, they can see the private emails.

    However, when they access the mailbox via their desktop Outlook client, the client is respecting the "Private" flag and hiding the emails from them.

    To fix this, you need to allow the assistants to see private items in the delegated mailbox. You can do this by checking the "Delegate can see my private items" box in Outlook.

    Here are the steps to do this:

    Open Outlook and go to the "File" menu.
    Click on "Account Settings" and then select the "Delegate Access" tab.
    Check the box next to "Delegate can see my private items".
    Click "OK" to save the changes.

    Cheers!!

    Regards,
    Ankit
    • Chris Gill's avatar
      Chris Gill
      Copper Contributor

      Hi Ankit.

       

      Thanks for the clarification regarding client-side resulting in the experience in the Outlook client. I'm not sure if RPN_WV was asking this question to allow private items to be seen on all devices/apps, but I am interested in the opposite. I am interested in how if a "manager" marks an e-mail as "Private" that it is stays private across all platforms and cannot be read by the "assistant" at all. Is this outcome possible?

       

      Thanks,

      Chris

Resources