The MailEnable installation creates the IME_ADMIN and IME_USER accounts. MailEnable creates/requires the accounts IME_ADMIN and IME_USER, in order to provide web mail and web administration functionality.

The purpose of each account is outlined below:

IME_USER: This account is used as the proxy account for MailEnable IIS Web Applications. This account is granted read access to the BIN\WEBMAIL and BIN\WEBADMIN directories to allow them to be published via IIS. This account is required because it is a more secure approach than relying on using other accounts as IIS proxy accounts.

IME_ADMIN: This account is used to provide the security context of COM+ applications used by MailEnable's web mail and web admin. The MailEnable COM libraries registered under COM+ run with the identity of the IME_ADMIN account (again, for security purposes).

The IME_ADMIN account needs to have full control over all MailEnable directories (and sub directories). As mentioned above, both web mail and web admin use the IME_ADMIN account as a Proxy account for the respective COM+ packages. Therefore, when you change the password for the IME_ADMIN account, both the web admin and web mail COM+ Packages need to be updated to use the same password (because the same underlying Windows Account is used for the COM+ Identity). There are no (or minor) security issues associated with these accounts (so long as the password is long enough to not be guessed).