Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


How do I restrict changes to the original text/content of an email from others?

Posted on 2005-04-20
Medium Priority
Last Modified: 2010-04-08
Using Outlook 2003 - A highly valued customer (John Doe) would like to restrict any changes being made to emails he sends out to 'Jane Doe.'

For example: When 'Jane' receives John's email, she will Forward the message to others still.  The problem is that when she clicks the Forward button, this allows her to scroll down and modify the original text of John's message. John does not want the original text modified in any way.  He sends the message out as Plain Text with the security option of Read Only (New Message > Tools > Options > Security tab > Read Only); however, Jane is still able to make modifications once she clicks the Forward or Reply button.  Is this type of restriction possible?
Question by:phonemate
  • 4
  • 2
LVL 45

Expert Comment

ID: 13822166
Hi phonemate,

>  Is this type of restriction possible?
No ... what you can do is append message hash to the message. If changes are made to the message, hash will not match ...
They will not prevent modification but they will help detect one.

Read a bit into digital signatures

Another option would be to put content of message on a web page (which can be protected) and pass the link to it in a mail ... However, it will be clumsy for mail exchanges and still leaves out possiblity for copy paste and modify.

LVL 28

Expert Comment

ID: 13823021
Perhaps send the message as an attached PDF?

Chris B
LVL 45

Accepted Solution

sunnycoder earned 2000 total points
ID: 13823324
PDFs can be edited too ...
You can add password protection to PDFs, but there are tools to recover those passwords too.

Yet another way would be to copy paste, edit and then forward.

The most difficult task would be to find a meaningful alteration of the original message which generates the same message signature ... but then, that is not prevention of alteration, it is capability of detection of alteration.

Preventing alteration when information is on another system is very very hard to accomplish ... I have not come across a reliable method for the same. Once they have the data, they have complete control over it.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 13824737
I appreciate the quick response, thank you.  The whole organization is currently using Digital Cert's for email; top executives even use encryption.  That, in itself, is becoming a problem as the 'now-common' digital validity is not checked as much anymore.  We are just trying to automate the process but did find that a mischievous modifier can easily sign the message to appear valid.

Adobe .pdf's, for now, are just out of the question and will not ultimately be done by most clients - path of least resistance (for clients) is to just shoot an email.

LVL 45

Expert Comment

ID: 13830083
>a mischievous modifier can easily sign the message to appear valid
You mean in an undetectable fashion? Or just appending the signature to look authentic?
If each user has a separate key (and keys can be asymmetric - private one used for signing and public one used for verification) then it is going to be hard for the modifier to change the message

Author Comment

ID: 13836212
I see what you are saying and I agree... Currently we have everyone with a seperate key with digital certs for ID, email, and encryption. Using the original text from before, Jane can open John's email, modify the text, sign with her cert and forward to a new audience - Reading "From the Boss (John)." The audience in this case will just believe all text is true seeing the signed email from Jane... Sure Jane can get fired if caught - but once again, we are trying to automate the process to not allow this to happen in the first place.

I went ahead and contacted Microsoft rep's on this issue to discuss further details and options.  Although it can be done, lots and lots of funds would be needed for upgrades to our current systems. If you would like I can post their comments??
LVL 45

Expert Comment

ID: 13839332
It would sure be very educating ... Do post more information if possible

Featured Post

Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
This article describes how to import Lotus Notes Contacts into Outlook 2016, 2013, 2010 and 2007 etc. with a few manual steps. You can easily export and migrate Lotus Notes contacts into Microsoft Outlook without having to use any third party tools.
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question