Mar 13 2024 09:31 AM
Hello -
Trying to figure out this mystery. A user shared one file via SharePoint with 4 users. A 5th user that was not involved in the sharing at all received an email notification that the file was shared with them. She then tried to open the file and it said she didn't have permissions to open it. I did notice the "This invite will only work for you and people with existing access." message in the email. We contacted the sender and she said she not send this to the 5th user and she was not BCCed in the email.
As the admin, I completed an email and Explorer trace, and nothing was shown to go to that 5th user. I also did a PowerShell command to see all inbox rules, even hidden ones, and no one had anything auto forwarding to the 5th user. I did a content search, no record of it going to the 5th user. The file itself was never shared with the 5th user. Lastly, I did a screenshare with the 5th user and the email is nowhere to be found, 28 hours later. Not in the inbox, any other folders, deleted, archived, etc. The 5th user said she did not delete or do anything with the email after opening it.
It's almost like Microsoft made a mistake and sent off a notification then pulled back the email with no trace whatsoever. While it's not as critical as it may seem since the user couldn't open the file, it could be. I say that because the name of the file is shown to the 5th user. Potentially, the file could be named something sensitive that only certain people should see. That is alarming. It also has some users concerned in this particular situation because the file was an employee review and they all now think the 5th user had access. I assured them they didn't, but this could be a massive issue if it continues.
Has anyone seen this and know what's going on?
Mar 13 2024 06:21 PM
Did you try to message trace from another Email direction, which is to the 5th mailbox?
Mar 14 2024 11:23 AM