How do I restrict changes to the original text/content of an email from others?

Using Outlook 2003 - A highly valued customer (John Doe) would like to restrict any changes being made to emails he sends out to 'Jane Doe.'

For example: When 'Jane' receives John's email, she will Forward the message to others still.  The problem is that when she clicks the Forward button, this allows her to scroll down and modify the original text of John's message. John does not want the original text modified in any way.  He sends the message out as Plain Text with the security option of Read Only (New Message > Tools > Options > Security tab > Read Only); however, Jane is still able to make modifications once she clicks the Forward or Reply button.  Is this type of restriction possible?
phonemateAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

 
sunnycoderCommented:
Hi phonemate,

>  Is this type of restriction possible?
No ... what you can do is append message hash to the message. If changes are made to the message, hash will not match ...
They will not prevent modification but they will help detect one.

Read a bit into digital signatures
http://support.microsoft.com/kb/q206637/
http://office.microsoft.com/en-us/assistance/HP010461711033.aspx

Another option would be to put content of message on a web page (which can be protected) and pass the link to it in a mail ... However, it will be clumsy for mail exchanges and still leaves out possiblity for copy paste and modify.

Cheers!
sunnycoder
0
 
burrcmCommented:
Perhaps send the message as an attached PDF?

Chris B
0
 
sunnycoderCommented:
PDFs can be edited too ...
You can add password protection to PDFs, but there are tools to recover those passwords too.

Yet another way would be to copy paste, edit and then forward.

The most difficult task would be to find a meaningful alteration of the original message which generates the same message signature ... but then, that is not prevention of alteration, it is capability of detection of alteration.

Preventing alteration when information is on another system is very very hard to accomplish ... I have not come across a reliable method for the same. Once they have the data, they have complete control over it.
0

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
phonemateAuthor Commented:
I appreciate the quick response, thank you.  The whole organization is currently using Digital Cert's for email; top executives even use encryption.  That, in itself, is becoming a problem as the 'now-common' digital validity is not checked as much anymore.  We are just trying to automate the process but did find that a mischievous modifier can easily sign the message to appear valid.

Adobe .pdf's, for now, are just out of the question and will not ultimately be done by most clients - path of least resistance (for clients) is to just shoot an email.

0
 
sunnycoderCommented:
>a mischievous modifier can easily sign the message to appear valid
You mean in an undetectable fashion? Or just appending the signature to look authentic?
If each user has a separate key (and keys can be asymmetric - private one used for signing and public one used for verification) then it is going to be hard for the modifier to change the message
0
 
phonemateAuthor Commented:
I see what you are saying and I agree... Currently we have everyone with a seperate key with digital certs for ID, email, and encryption. Using the original text from before, Jane can open John's email, modify the text, sign with her cert and forward to a new audience - Reading "From the Boss (John)." The audience in this case will just believe all text is true seeing the signed email from Jane... Sure Jane can get fired if caught - but once again, we are trying to automate the process to not allow this to happen in the first place.

I went ahead and contacted Microsoft rep's on this issue to discuss further details and options.  Although it can be done, lots and lots of funds would be needed for upgrades to our current systems. If you would like I can post their comments??
0
 
sunnycoderCommented:
It would sure be very educating ... Do post more information if possible
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.