Hi,
One could access someone's email from the server, if he has administrative rights, then on most email servers he can read the emails directly, or set up an alias, so he receives a copy of the other person's emails (the latter is good, because even if hes administrative rights are revoked the emails will be sent to his address and on a server with a lot of users something like that goes unnoticed easily)
Or, if he has access to the computer/laptop, he can read emails from there, or even better he can recover the password if it was saved from the email client or from the browser, if your boss uses webmail and he saved the password (there are lots of programs that recover saved outlook, outlook express passwords as well as passwords saved by any browser and one only needs 5-10 minutes of access to run such a program and he has the password to use from anywhere). Also, one can run a keylogger on other person's computer to find out the passwords that he use and he would only need a few minutes of access, and then the keylogger would email him the passwords.
That's what I can think of now, but there are other ways too.
