Calendar Icon White
February 3, 2023
Clock Icon
 min read

How to redact an email in Outlook or Office 365?

Discover the step-by-step guide on how to redact sensitive information from emails in Outlook. Ensure your communications remain private and compliant with Office 365's features

How to redact an email in Outlook or Office 365?
Calendar Icon White
February 3, 2023
Clock Icon
 min read

How to redact an email in Outlook or Office 365?

Discover the step-by-step guide on how to redact sensitive information from emails in Outlook. Ensure your communications remain private and compliant with Office 365's features



  • Redacting an email is necessary to protect sensitive information and comply with privacy laws and regulations.
  • There is no manual way to redact an email in Office 365, but senders can recall messages and receivers can delete or manually redact and send back to themselves.
  • Strac Office 365 Email DLP (Data Loss Prevention) Redactor App is an automatic way to redact emails and attachments, with audit reports for compliance and security officers.
  • Strac's app can also redact old emails to comply with privacy laws.
  • Book a meeting with Strac for more information or to see redaction on your emails in 15 minutes.

Why is there a need to redact an email?

There is a need to redact an email to protect sensitive, confidential or personal information. Redaction helps to ensure that information such as

  • Financial data like credit card numbers
  • PHI -Medical records
  • PII -Personal addresses and phone numbers
  • Classified Documents
  • Audio Containing Senstive PII ,PHI, Financial Data.

Additionally, redaction may be required to comply with privacy laws and regulations, such as the General Data Protection Regulation (GDPR) or the Health Insurance Portability and Accountability Act (HIPAA), or it may be required for compliance like SOC2, PCI (Payment Card Industry) DSS (Requirement 3). By redacting sensitive information, you can prevent potential harm or legal consequences for you and the individuals whose data is in the email.

How to Redact an Email in Outlook/Office 365?

Strac Office 365 Email Redactor is the only way to automatically redact sensitive parts in an email body or sensitive attachments. There here is no way to manual way to redact an email in Office 365; however, you can take some manual steps to either recall if you are a sender OR delete what you received if you are a receiver. If a sender accidentally sends an email containing sensitive data, the sender can recall the message.

When Recalling an Email in Outlook Isn't an Option... What Next?

Sometimes, hitting "send" can be premature. And while recalling an email in Outlook is handy, it's not always guaranteed, especially if the recipient has opened your message. The solution? Use Outlook's delay delivery feature! It gives you a buffer to rethink, redact, or simply refine your emails before they're sent out.

Step 1: Launch Outlook and hit the 'File' button, top-left.

Step 2: Head down and select 'Manage Rules & Alerts'.

Step 3: In the window that pops up, go for 'New Rule'.

Step 4: A new dialogue will emerge. Select 'Apply Rule on Messages I Send', and then 'Next'.

Step 5: On the ensuing screen, just hit 'Next' again.

Step 6: Now, spot the 'Defer Delivery By a Number of Minutes' option. You can set your buffer time here (up to 120 minutes). Once done, hit 'OK' and then 'Next'.

Step 7: If you have certain emails or contacts you don't want the delay for, set those exceptions and continue by clicking 'Next'.

Step 8: Make sure 'Turn On This Rule' is checked, and then seal the deal with 'Finish'.

But is it an ideal solution? Absolutely Not! That's were redaction comes to play.

Recall Vs Redaction

Recall is a reactionary measure. It's something you'd use after realizing you made an error. It offers a way to potentially 'undo' sending an email, but with significant limitations based on the recipient's email provider and their actions.

On the other hand, redaction is a proactive measure. Before you even hit send, you're ensuring that the confidential information is obscured. It's a method of sending the necessary data without exposing sensitive details.

In a nutshell:

  • Recall is the "Oops! Let me try to take that back" feature.
  • Redaction is the "Let me cover this up before it goes out" tool.

While both serve the purpose of data protection in their own right, their methods, applications, and effectiveness vary. As you rightly pointed out, relying solely on recall can be risky, while redaction provides more assured protection of sensitive details

Recall message in Office 365
Recall message in Office 365

Why is Redaction a Better Option to Outlook's in-built Recall Feature?

Outlook/Office 365 comes with several limitations in recall feature such as:

  1. Recipient's Email Client: The recall feature is specifically designed for Outlook. If the recipient isn't using Microsoft Outlook as their email client, you cannot recall the message.
  2. Email Status: For a recall to be successful, the recipient should not have read the email. Once they've opened it, the recall option won't work as intended.
  3. Recipient's Mailbox Configuration: If the recipient's Outlook is configured to deliver new messages directly to a folder other than the inbox (due to rules, for example), recalling the message will fail.
  4. Notifications: When attempting to recall an email, Outlook might send a notification to the recipient informing them that you are trying to recall the message. This might draw more attention to the email you're trying to take back.
  5. External Email Addresses: Recalling an email sent to addresses outside of your organization or domain (like Gmail, Hotmail, or is typically not possible.
  6. Interruption: If the recipient is working on the email (e.g., moving or processing it with a rule), while you try to recall it, the recall might not be successful
  7. Public Folders: If the email is saved to a public folder and someone reads it, the recall action will not be successful.

Strac for Email Data Loss Prevention in Office 365

Strac Office 365 DLP is a Data Loss Prevention (DLP) software. It masks (aka redacts) sensitive emails while allowing authorized users to view those emails in Strac UI Vault. To redact emails, a business can configure a list of sensitive data elements (SSN, DoB, DL, Passport, CC#, Debit Card, API Keys, etc.). Compliance, Risk and Security officers will also get audit reports of who accessed what messages and at what time.

With Strac's  integration, you can mask (aka redact) your customers' sensitive data in emails. It lets you redact (mask) documents automatically in seconds, from emails to pdf, docx, png, jpeg, doc, and xls attachments.

Strac Gmail Redaction Showcase
Book a quick 30-minute Demo to Protect All Your Sensitive Data Transactions

Is It Possible to Redact Old Emails?

Yes, Strac's Office 365 DLP can also look at older emails and redact all sensitive content from the body and sensitive attachments from email. This is a requirement for many of the compliance frameworks and privacy laws where businesses need to remove customer data from older emails once after the business function is done.

Strac SaaS Integrations
Strac SaaS Data Loss Prevention

Read our other resources on Email Data security:

Founder, Strac. ex-Amazon Payments Infrastructure (Widget, API, Security) Builder for 11 years.

Latest articles

Browse all