> c) Security of Maildir means even root user should not be able to read > any user's mail. > > Most concerned part here is part c as we don't want any user to be > able to read any other user's mail including root. What is the point of having an administrator that you cannot trust? How are you going to recover mails say in case a user leaves or is otherwise incapable of digging out the mails for the company? Do you lock the Exchange administrator out of all users mail too?