Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How do I "shred" individual emails in Microsoft Outlook?

Question:

I have Win XP Pro SP2 with MS Office Pro 2000 installed, and use MS Outlook
2000. In the Outlook I would like to be able to shred (not just delete)
individual, old e-mails.

I have the necessary shredder software to do this but how can I find the
individual e-mail files and where they are stored ? I don´t necessarily
want to shred all old e-mails, but only specific mails.

I think that this must be possible, although I have not been able to find
any relevant information on the Internet. Could you please give some advice and
point me in the right direction?

We need to first clarify what you mean by “shredding”, and then I’ll explain
why, in general, an external shredding tool can’t work with Microsoft
Outlook.

And then I’ll explain what you can do instead.

Become a Patron of Ask Leo! and go ad-free!

What most people refer to as “shredding” a file is nothing more than a
secure delete. The file is first overwritten multiple times with specific
patterns of data so as to thwart any advanced data recovery techniques, and
then it’s finally deleted. There are both commercial and free tools to do this; my
preference is the freeware sdelete
utility from Microsoft and SysInternals.

The problem here is simple, though: shredders or secure delete utilities
work on files.

Outlook does not store individual messages in individual files.

Instead, Outlook stores all of your email, calendar, contacts and the like
in one big file, called a “PST” for Personal Store.

That means that you can’t “shred” an individual message, because there’s no
separate file to shred. The message is just some data somewhere inside of your
PST along with other information.

So let’s look at the goal and devise an alternate way to achieve roughly
the same thing.

“… you can’t “shred” an individual message, because
there’s no separate file to shred.”

The goal is simple: to delete a message from your hard disk in such a way
that even advanced data recovery techniques cannot find it. That typically
means obliterating with a secure delete or disk wiping type of function the
hard disk sectors in which the deleted message was stored.

Since we don’t know exactly what sectors those might have been, we have to
take some extra steps.

Here’s what I’d do for maximum security:

  • Delete the message in Outlook. As we know this doesn’t
    actually delete the message, but moves it to the recycle bin with your Outlook
    PST.

  • Empty Outlook’s recycle bin. This also doesn’t really
    delete the mail, it simply marks the space previously occupied by the email as
    now being free and available for Outlook to put new messages and other
    things.

  • Exit as many other programs as you can. We want to make
    sure that the disk is used as little as possible for the next few steps.

  • Compact the PST. This really does delete the messages
    because it removes all the unused space from the PST. The unused space in the
    PST is returned to the operating system as actual free disk space.

  • Exit Outlook. We’ll be making a copy of the PST shortly and
    we need Outlook to stop accessing it while we do so. We also need to make sure
    that it’s not changing the PST during the next step.

  • Wipe the hard disk free space. Using a tool like sdelete,
    or some of the other free-space wiping or shredding tools, this ensures that
    the unused space on your hard disk is securely wiped clean. No files that used
    to be stored in the free space can be recovered. Part of the compaction process
    will have “moved the PST around” on disk, and the disk areas that used to hold
    your message could be part of the free space – hence you’ll want to wipe
    ’em.

  • Make a copy of the PST. Locate your PST and in that
    same folder simply make a copy of the PST under a new name. The copy
    will make use of the free space we just wiped clean. Make sure you’ve done this
    properly before proceeding.

  • Shred or secure-delete the original PST. The problem this
    solves is that during the compaction process the PST may have been rewritten on
    top of the disk space formerly used by the message you’re attempting to delete.
    That means that the secure wipe we just did of free space won’t have
    obliterated all traces of the message. That’s not good enough, and you actually
    want to shred or secure delete that region as well by shredding the PST.

  • Rename the copy you made of the PST back to the original
    name.

  • Restart Outlook

Unfortunately, based on other disk activity that still may have been
happening while you were doing all this, there’s still a tiny chance that a
disk sector that held the message may have survived. If the sectors previously
occupied by the message were taken by another program between the time the PST
was compacted and the free space wiped, then that sector would never have been
securely shredded. That’s why shutting down as many applications as you can is
important in this process.

The good news, though, is that the chances of that happening really are
tiny. This process will give you a fairly high degree of confidence that the
message you’re attempting to shred is almost certainly, irretrievably,
gone.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

6 comments on “How do I "shred" individual emails in Microsoft Outlook?”

  1. One little problem with this whole concept, though, is that the email is never truly gone. That message had to go through MANY computers before it got to yours, and each place it passed through MIGHT contain a copy somewhere. The sender’s computer, the ISP servers, etc etc….Am I right on this one Leo?

    Reply
  2. Mark is correct.

    I don’t have this version of Outlook, but use an older one at work. What I would do with that version is create a personal folder where I would drag and drop all emails meant for shredding. Then, with Outlook closed, shred that personal folder. Then with Outlook opened a folder for shredding could be created.

    Reply
  3. —–BEGIN PGP SIGNED MESSAGE—–
    Hash: SHA1

    Mark: yes, you are quite correct. This article focusses on removing all traces
    from your machine, but there are a series of mail servers, not to mention the
    original sender’s computer, on which the email may still reside. Those are out
    of your control.

    John: I assume you mean personal store (PST) not personal folder. Moving to
    another folder just moves it around within the same PST. In either case the
    process of “dragging and dropping” an email is actually a copy followed by a
    delete. That means that the email is still in your original email folder or PST
    in some kind of deleted state, even after you move it to another. Shredding the
    second PST doesn’t remove the traces or the email that remain in the original
    location.

    Leo

    —–BEGIN PGP SIGNATURE—–
    Version: GnuPG v1.4.7 (MingW32)

    iD8DBQFHLKt3CMEe9B/8oqERArt5AJsGfOdY+0zKUx7HvGFV/PxGKYU+tgCfZvQF
    iK3FtZmerBArR146VEgziwk=
    =55Nd
    —–END PGP SIGNATURE—–

    Reply
  4. I have the same question regarding vista mail: is it possible to shred emails in the Vista Mail “deleted items” folder by, for example, adding this folder to ccleaner items to clean.

    Reply
  5. I am not even close to the security issue. When I delete email in new Outlook 2oo7 all what occurs is that Outlook draws a line on top of the deleted email, but the email is still there, right in front of me, with the remaining emails. It not not sent to the recycled mail bin! I presume this is a setting option. How do I change it?

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.