10 thing about, and 3 security tips for Managing Shared Mailboxes

A Shared mailbox is a wonderful thing. It’s a very popular free no license required (most of the time) feature of 365. You can preserve a former employees mailbox and assign access to it to others in the department or to the replacement person. Either way it doesn’t clutter up their own mailbox like a forward or an alias does. You can use it to receive special purpose email that several people need access to, like accounts receivable or other departmental level boxes. But there are a few management tricks that you need to know in order to successfully managed shared mailboxes.

10 things to know about shared mailboxes

  1. You can’t share it reliably with more than 25 people. Microsoft notes in their documentation that duplicates and other errors are likely to occur.
  2. Similarly you can’t have a lot of shared mailboxes in your Outlook. There’s no published limit but in practice more than 5 shared mailboxes and you’ll started to get some odd behaviors like Outlook not finishing loading and extreme slowness.
  3. The size of the mailbox is limited to 50GB.
  4. If the shared mailbox was converted from a users account, then the mailbox retains the credentials of that user.
  5. If the shared mailbox is created from scratch, then a user account gets created for it and a not too complex password is generated.
  6. You shouldn’t send encrypted email from a shared mailbox. Because, when exchange processes that request it won’t know which public key to assign to that email. This results in potentially the mail being readable by people you didn’t intend.
  7. If you need to backup the mailbox, then a license is required
  8. If you turn on Litigation Hold, then a license is required
  9. How do you buy a license for a shared mailbox? You buy the Exchange plan you require for the function you need to license and you don’t assign it to anyone.
  10. Rules stay with the mailbox when its converted and everyone with access to the shared mailbox can create new rules. You could end up with conflicting rules. To delete a rule for a shared mailbox, log into the mailbox using OWA.

Security tips for shared mailboxes

  1. Change the password for the account that you convert into a shared mailbox
  2. Disable logon to the shared mailbox
  3. Create an exchange mail flow rule to prevent encrypted messages from being sent by a shared mailbox

All we do is support IT professionals. Microsoft 365 technical assistance, Super Secret News, Security community, MSP Legislation community, EndPoint, Defender and Lighthouse community, Peer groups, Kits, papers, Business consulting and more. https://www.thirdtier.net

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.