Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

Securing offline workflow approvals

We are trying to implement offline workflow approvals by activating inbound emails to SAP. Since any email can be 'made to look' as if it came from another person these days, what are the measures that can be implemented to make sure that the email is legit?

Currently, the plan is to embed a key in the email while it is sent out, and to check if the key is present in the reply email.

I read through this document ( Sender authentication part 2: Reading email headers - Terry Zink: Security Talk - Site Home - MSDN Blogs), but the message header that I am getting in SOIN, isn't matching with the one in the document.

Example:

Offline/External Mail Approval Process without using SAP Part-3

Thanks,

Juwin

Helpful Answer

by
Not what you were looking for? View more on this topic or Ask a question