Ask the Expert

Is it possible to prevent email forwarding?

My job involves handling sensitive data, which can be mishandled or misunderstood by laymen. How can I configure my email so that each recipient is unable to forward it and can only reply to me? Or are there other methods that would reduce the risks of important information falling into the wrong hands?

    Requires Free Membership to View

Sorry, but there is no way to achieve such functionality using "normal" email. The nature of Simple Mail Transfer Protocol (SMTP) email is that it separates the sender from the receiver, giving the sender no control whatsoever over what happens with the email once it is sent. Even if you were able to magically configure your email so that it could not be forwarded and replies could go only to you, such techniques could be thwarted with a simple cut-and-paste. And even without cutting and pasting, a recipient could still capture screen shots of your materials and forward those. Aside from that, it would still be possible to photocopy a laptop screen or take a photograph of your document on the screen. You get the idea.

So, how to deal with your dilemma, then? Most of the time, problems like yours are handled with a carefully phrased disclaimer notice at the bottom of the email. Sure, it's not a technological solution, but disclaimers make it perfectly clear to recipients that they're receiving sensitive information and should treat it as such.

Another option is to avoid sending sensitive information via email altogether. Instead, send your users messages to let them know that your content is available on your Web site, which you can then link to. Depending on the sensitivity of your Web site data, you may want to authenticate your users. If phishing is a concern, you may want to authenticate yourself to your users.

At your Web site, the users could view your data either in HTML or -- if you want to lower the chance of them copying and editing it -- a protected PDF file. Yes, the bad guys can get around all such protections as described above, but at least casual forwarding would be prevented.

There are commercial cryptographic products that minimize the chances of email forwarding, but they can be bypassed in the ways cited earlier. Still, if you are willing to spend some money, you may want to consider a plug-in like Taceo. It may inconvenience users slightly, but it allows employees to better protect sensitive content.

More information:

  • According to a 2006 survey, fear of data leaks has caused many large companies to hire staff specifically to read and analyze outbound employee email. Find out who (or what) is going through your inbox.
  • Learn which public keys are used for email encryption.
  • This was first published in April 2007

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: