[001sky]

Notwithstanding your good points about it not being fool-proof, it is an important point that your email software doesn't essentially promote or enable corruption of the meta data in the way you describe.

As a business person, nobody would [buy/use] exchange if it was not reasonably secure from an audit trail perspective. The intergrity of the communications is required for many business's who have record retention policy and what not.

Think about an analogy for a bank's accounting system that allowed audit trails to be compromised. Its a huge problem for the purchasing people and the managerial layer that has to sign off on sarbox etc.

[mjcl]

Exchange by itself is absolutely not secure from an audit trail perspective[1]. I've specifically had this come up where an employee edited an e-mail to try and CYA.

Even if you are using journalling, an administrator can open the journal mailbox and edit messages. If you want/need a reasonably secure audit trail, you need a 3rd party product in addition to Exchange.

[1] https://www.msoutlook.info/question/edit-message-and-subject

[snowwrestler]

The combo of Active Directory + Exchange gives system administrators a lot of power to use permissions to limit who can alter or destroy critical data. But obviously someone has to be the master admin, and that person's power can't be limited by software.

Technological audit trails are trustworthy only to the extent that the admins running them are trusted.