We found out that, even we disable the user account in the AD and disable MAPI feature in the Exchange, If the user didnt logoff , then he can still able to open the outlook and send the email. Any method to make it happen? I am thinking, set the quota is small so that he can nnot send the email?

I think your best bet for immediate effect is a transport rule.[string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

Or disable the mailbox. You can always reconnect it again later (assuming deleted mailbox retention).Tony www.activedir.org blog:www.open-a-socket.com

Or disable the mailbox. You can always reconnect it again later (assuming deleted mailbox retention).Tony www.activedir.org blog:www.open-a-socket.com

Hi, You can also remove fullmailbox access from "NT Authority\SELF", if you need to keep the mailbox for some time.Martina Miskovic

Hi, You can also remove fullmailbox access from "NT Authority\SELF", if you need to keep the mailbox for some time.Martina Miskovic

In order to immediately disable a domain user account, perform the following steps on the primary domain controller (PDC): Note: You must have domain administrative privileges in order to perform the following steps: In User Manager for Domains choose "Account Disabled" in Users Properties. Still in the Users Properties, choose "Hours" and then Disallow all hours for this user. Open Server Manager and disable the user sessions in server manager or type "net session \\computername /delete" at the command prompt.Thanks, Swapnil Prajapati

In order to immediately disable a domain user account, perform the following steps on the primary domain controller (PDC): Note: You must have domain administrative privileges in order to perform the following steps: In User Manager for Domains choose "Account Disabled" in Users Properties. Still in the Users Properties, choose "Hours" and then Disallow all hours for this user. Open Server Manager and disable the user sessions in server manager or type "net session \\computername /delete" at the command prompt. Thanks, Swapnil Prajapati I tried, not work.

disabling mapi updates the protocolsettings which is cached by the information store and may not take affect immediately until next refresh. You can disable and re-connect right away which should update the cache (in sp2 ru3)James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

Hi Jame, What is the meaning of "can disable and re-connect right away " is it mean , remvoe "NT Authority\SELF" permission ?

You can disable the mailbox which disconnects the mailbox from the AD account, that will obviously make it so they can't log in, however some people may want to keep the mailbox, in that case you can disable the mailbox, run get-mailboxdatabase db1 |clean-mailboxdatabase, than just reconnect it to the same account, all cache will be flushed. You can also remove the nt authority\self on the account in the security tab of the user in ADUC. James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com