In the RTM version of Exchange 2003, if you disable an active directory user account, mail flow to the disabled user’s mailbox stops. To a sender, it is as though the mailbox doesn’t exist.
If the SELF SID is missing from the Mailbox permissions, store.exe checks to see if the msExchMasterAccountSID is populated (this is the same as before). If it is not populated, then store.exe will use the objectSID of the user account, which should always be present.
This is good news for some administrators and bad news for others.
The good news is that if you want to temporarily restrict a user from accessing his mailbox but do not want him to lose out on receiving important e-mail, this is now possible. Also, if an employee leaves the company and you would like to configure an Out of Office message stating that he is no longer working there and at the same time disable the account for security purposes, this is now possible.
The bad news is that the above is not good enough for some companies. They just want to disable the account and forget about it. In such cases, administrators can adjust the delivery restrictions for the disabled user and configure that the user receive mails *only from* his own account. Or, you can configure ‘prohibit send/receive’ at 0 KB. Or, you can simple change or remove the SMTP email address of the user.
About Shijaz Abdulla
Shijaz Abdulla is a Datacenter Technology Solutions Professional at Microsoft, based in Doha - Qatar and helping customers better manage their infrastructure using Microsoft technologies. He is a blogger and a technology enthusiast.