Sensitive Attachment Guard Tutorial

Installation of add-on

  1. In Thunderbird, choose "Tools" -> "Add-ons" and the Add-ons list will show up.

  2. Choose "Install...", and then select the installation file "SensitiveAttachmentGuard.xpi".
  3. Another box prompts to confirm installation, choose "Install Now".
  4. Choose "Restart Thunderbird" that appears on the Add-ons window to complete the installation.

Sensitive information marking

Please note that "Sensitive Attachment Guard" add-on only supports Word and Excel documents that are in Office Open XML format (i.e. file with .docx or .xlsx extension).

Character style creation in Microsoft Word 2007

  1. On the "Home" palette, click the window button at the lower right corner (as shown by the red circle in the figure below) of the "Styles" block to open the "Styles" window


    The "Styles" window is the one below:



  2. Choose "New Style" icon at the lower left corner, the create style window then appears.
    Enter the following information:
    Name: confidential (Note: case sensitive)
    Style type: Character
    Style based on: underlying properties (in case if you don’t need special style format, or you may set to other pre-defined style)


    You may set other formatting properties according to your own preference. Remember to select "New documents based on this template" so that this style can be used in any other Word documents. Then click "OK" to save.

Character style creation in Microsoft Excel 2007

  1. On the "Home" palette, select the "Cell Styles" icon to display the cell styles window.


    The cell styles window is the one below:



  2. Choose "New Cell Style..." at the bottom left corner of the window and the "Style" window appears. Set the style name as "confidential". You may set the format as well. Then click "OK" to save it.



  3. Unlike in Word, where the character style can be saved as a style template, this custom cell style has to be defined every time a new Excel document is created. Hence it is suggested to create some Excel template documents (i.e. those with .xltx extension name) with this style defined.

Sensitive information marking

In Word, existing sensitive information can be highlighted and then changed to "confidential" character style. For new sensitive information to be added, the style can be changed to "confidential" in advance.

In Excel, the cells with sensitive information can be highlighted and be changed to "confidential" cell style.

Recipient lists configuration

Select "Tools"->"Sensitive Attachment Guard..." and the manage recipients window will appear.


There are two recipient lists. The left one is for those who can receive sensitive information (we call it unmask list), and the right one is for those who cannot receive such content (we call it mask list). User can add email addresses to the lists by clicking the "+" button and then type the address in the dialog box prompted. Any listed addresses can be removed by selecting that address and then clicking the "-" button. Remember to click "OK" to save the changes.

Email Sending

Add-on process flow:
  1. The sender composes an email and then clicks "Send" button to deliver it.
  2. The add-on checks whether the attachments contain sensitive information by detecting any content marked by "confidential" character style in any Word file or any cell value marked by "confidential" cell style in any Excel file.
  3. If sensitive information exists, then the add-on starts to scan the recipients and checks with its mask and unmask lists. If not then the email is sent as normal. (Note: the recipient checking is performed only for those specified in "To", "Cc" and "Bcc" fields, others such as those in "Reply-To" field will NOT be checked and no emails will be sent to them when attachments need masking.)
  4. If some recipients do not appear in both the mask list and the unmask list, then the add-on will remind the sender about those unknown recipient addresses.


    And it will ask the sender to select one of the following actions to be taken on these recipients.


    There are 5 choices:
    1. Mask and send them, and remember these recipients – treat these recipients as in the mask list, and add them to the mask list afterwards
    2. Mask and send them for this time only – treat these recipients as in the mask list, but do not add them to the mask list
    3. Send them directly, and remember these recipients – treat these recipients as in the unmask list, and add them to the unmask list afterwards
    4. Send them directly for this time only – treat these recipients as in the unmask list, but do not add them to the unmask list
    5. Cancel sending – cancel the email delivery
  5. Now the add-on knows which recipients should receive attachments with confidential contents masked. If no such recipients exist, then the email is sent as normal.
  6. The add-on then generates a masked version for each sensitive attachment by replacing every single character in the sensitive contents with a "*".
  7. If there is more than one recipient, then the add-on makes a copy of the original email for every single recipient, with the "To" address set to that recipient address. The sender is notified for the separate emails as shown below.



  8. For the recipients who are prohibited from receiving documents with sensitive contents, then the masked attachments are used instead of the original ones.

The following flow chart illustrates the above process:



For example, if an email has 3 recipients in total and one recipient should not receive confidential information of a Word file attachment, then each recipient will receive a separate copy of the email. The email sent to that mask listed recipient will have that Word file attachment being the masked version. 3 emails will be sent in total.