Any folder called precisely "forwebmaster" gets the content automatically deobfuscated when support view the account. There's probably an interesting blog post in how that's achieved in the JMAP middleware using a reverse index on each blob to allow you to download any attachment that's referenced by those messages as well... but I digress.

The forwebmaster method (legacy names 'r' us) is very useful for debugging issues like display problems with various types of message (often this is an issue with poorly encoded messages where the character set name is invalid or the encoding is broken, and we fix them by adding another hack to our server to detect and repair that particular type of error). We don't explicitly ask for consent to look at forwebmaster, because the process of creating that folder and putting messages in there is an active request for them to be examined.

For more complex issues which require more visibility into the contents of an account, support agents can request full access. For this they need to provide a reason, and that reason describes how they obtained consent or other reasonable grounds for examining this particular account - e.g. evidence of abuse where the determination needs to be made whether to temporarily lock the account as stolen or close it as entirely fraudulent.