Is the admin of MIAB able to access user accounts and the user e-mails

Hi, I searched your forums, and I didn’t find the answer to my question. Please forgive me if it’s already been addressed.

I’m not a MIAB user, but a company I do IT support work for was convinced by an employee to switch to MIAB with the employee as the primary administrator of the MIAB server. Maybe I’m being overly cautious, but I don’t think the company’s owners examined the risks that may occur when your mail admin is also an employee of the company their hosting e-mail for. This employee / MIAB admin only been with the company for a year, and the industry has a high turnover rate.

My first question is, can the admin of MIAB access the e-mails in user accounts? In other words, does the MIAB admin have the ability to view any or all emails sent or received by the users that he has configured in MIAB?

My second question is if they don’t have it already, should the owners get the admin account URL, and username and password for the admin account, should they ever decide to let the employee / admin go? I’m worried about the possibility of him leaving in a huff and deleting their virtual server account and the MIAB that’s installed on the virtual server.

My third question is what other concerns would you have if you were in my situation?

Thanks very much for any feedback you can provide. Also, thanks for hosting this forum for newbs like me to ask questions.



The system administrator can always access all email and data on the box. The root user can always do anything. All data is stored in plain text, even using a locally encrypted volume will still be readable by root since the underlying services need to be able to read it.

A company should always have access to their data; or at the very least have an escrow contract that allows them access if the other company goes bust. But that is just a good business practice.

Handing over your data to anyone is always a risk. If it’s an employee of the company it should be fine. If IT isn’t their main business I wouldn’t do it.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.