Document classification capabilities

Document classification capabilities provides the ability to manage protective markings to emails. Email+ lists user interface fields to the user when viewing messages, replying to messages, or composing new messages.

The messages that are sent through Email+, adds the markings to the subject line, header, and optionally on the top and the bottom of message body. Email+ supports Protective Marking Standard for the Australian Government (2012 and 2018 versions) and Generic.

  • Classification - To identify the overall sensitivity of the message
  • Distribution Limiting Markers - To limit the distribution

Email classification JSON has two major parts:

  • Scheme
  • Values


Scheme includes properties to define email classification behavior. The following table describes the general properties:




Email classification marker to add text at the top of a classified message.

Can include $sec$, $dlm$, $title$, $caveat$ variables.

Default value for AU_2018: {"default" : "$sec$, $caveat$, $dlm$", "noSec" : "$dlm$, $caveat$", "noDlm" : "$sec$, $caveat$", "noCaveat" : "$sec$, $dlm$" }

Default value for AU_2012: {"default" : "$sec$, $dlm$", "noSec" : "$dlm$", "noDlm" : "$sec$"}.

To remove the header and footer the "topOfBody" and "bottomOfBody" value should be set to an empty value: {} or {"default" : ""}.


Email classification marker to add text at the bottom of a classified message.

Can include $sec$, $dlm$, $title$, $caveat$ variables.

Default value for AU_2018: {"default" : "$sec$, $caveat$, $dlm$", "noSec" : "$dlm$, $caveat$", "noDlm" : "$sec$, $caveat$", "noCaveat" : "$sec$, $dlm$" }.

Default value for AU_2012: {"default" : "$sec$, $dlm$", "noSec" : "$dlm$", "noDlm" : "$sec$"}.

To remove the header and footer "topOfBody" and "bottomOfBody" values should be set to an empty value: {} or {"default" : ""}.


Email classification marker to apply color to the the text in "topOfBody" and "bottomOfBody" text in #AARRGGBB or #RRGGBB format. Text value.

Default value: "#FFFF0000". Examples: #ff0000, #a2ff230c;


Email classification marker to apply a default value. Format: { "sec" : "existing sec value", "dlm" : "existing dlm value" }.

Should be one of the markers defined in "values". If value is not set or marker does not exists - "" will be used.


Warning message to display when a user is trying to send message without selected classification.

Text value. Default: "Classification is required".


Warning text to display in "#FFFF0000" color instead of classification marking while classification is not selected.

Text value. Default: "Classification is required".


When set to "true" only markers with the same dlm as in original message should be available to select. Boolean value. Default: "false".


The fields from "multiselectField" JSON array supports multiple selections. The default value is empty.

When multiple values are selected $field$ notation is replaced with the appropriate values separated with "multiselectSeparator" text. "multiselectSeparator" default value is ", ".

Version properties

Version properties defines which classification type will be used. When version is not defined Generic classification will be used.

  • version - Defines email classification type.
    • Supported version: "AU" or "AU_2012" for Email Protective Marking 2012 Standard and "AU_2018" for Email Protective Marking 2018 Standard for the Australian Government.
  • versionValue - Defines version number used for sending classification.
    • Default value for "AU" and "AU_2012": "VER=2012.3,". With "AU_2018" "VER=2018.1," is used.


Values is used to define a list of Email classification markings. One of the following values must be presented in values field, that is they are optional in place where we substitute them (Subject, Body, Mime Headers and so on).

  • SEC - single SEC or array of SEC values.
  • DLM - single DLM or array of DLM values. With AU_2018 version should be used for the ACCESS(Information management marker) values.
  • CAVEAT - single CAVEAT or array of CAVEAT values.

One of "sec" or "dlm" must be presented in "values" item. When "sec" or "dlm" value is array all the permutations of "sec" + "dlm" should be used. Priorities are in ascending order from top to bottom, from left to right.

JSON is considered invalid and classification markers are not displayed when the values for SEC or DLM is empty or duplicated.

When values item defines a single classification marking that the next properties can be set such as:

  • title - defines text to use for marking title in the classifications picker when the classification is a single value.

Valid classification for AU 2018 contains only:

  • sec, caveat*, access*
  • sec, caveat*
  • sec, access*
  • sec

Where (*) is for one or several items)

A regular expression for AU 2018 Subject

[(SEC=<securityClassification>)(, CAVEAT=<caveatType>:<caveatValue>)*(, EXPIRES=(<genDate>|<event>), DOWNTO=(<securityClassification>)?(,ACCESS=<InformationManagementMarker>)*]


X-Protective-Marking: VER=<ver>,, (SEC=<securityClassification>)(, CAVEAT=<caveatType>:<caveatValue>)*(, EXPIRES=(<genDate>|<event>), DOWNTO=(<securityClassification>)?(, ACCESS=< InformationManagementMarker>)*(, NOTE=<comment>)?, ORIGIN=<authorEmail>

The following is example for the Australian classification:



"scheme" : {

"topOfBody" : {"default" : "$sec$, $caveat$, $dlm$", "noCaveat" : "$sec$, $dlm$", "noDlm" : "$sec$, $caveat$", "onlySec" : "$sec$"},

"bottomOfBody" : {"default" : "$sec$, $caveat$, $dlm$", "noCaveat" : "$sec$, $dlm$", "noDlm" : "$sec$, $caveat$", "onlySec" : "$sec$"},

"bodyTextColor" : "#ffff0000",

"version" : "AU_2018",

"versionValue" : "VER=2018.1,",

"default" : { "sec" : "OFFICIAL" },

"lockDlm" : "true",

"multiselectField" : ["dlm"],

"multiselectSeparator" : ", "



"values" : [


"sec": "UNOFFICIAL",

"title" : "Unofficial"



"sec": "OFFICIAL",

"title": "Official"



"sec": "OFFICIAL:Sensitive",

"dlm": ["","Personal-Privacy","Legal-Privilege","Legislative-Secrecy"]



"sec": "PROTECTED",

"dlm": ["","Personal-Privacy","Legal-Privilege","Legislative-Secrecy"],

"caveat": ["","SH:Cabinet"]




For Generic classification the following properties must be defined:

  • subjectSuffix - suffix that is appended to subject when sending an email. Can include $sec$, $dlm$ variables. Format: {"default" : "$sec$, $dlm$", "noSec" : "$dlm$", "noDlm" : "$sec$"}. Default: {"default" : "[$sec$]"}.
  • xHeaderName - email header that is added to an email. On reply and forward will overwrite the original header if its protection header cannot be parsed. Text value. Default: "x-classification".
  • xHeaderValue - value for "xHeaderName". Can include $sec$ variable. Format: {"default" : "$sec$, $dlm$", "noSec" : "$dlm$", "noDlm" : "$sec$"}. Default: {"default" : "[$sec$]"}.

The following is an example of Generic classification:


"scheme" : {

"subjectSuffix" : {"default" : "[$sec$]"},

"topOfBody" : {"default" : "$sec$, $dlm$", "noSec" : "$dlm$", "noDlm" : "$sec$"},

"xHeaderName" : "x-classification",

"xHeaderValue" : {"default" : "[$sec$]"},

"default" : { "sec" : "-Public-" }



"values" : [


"sec" : "-Public-",

"title" : "All external email"



"sec" : "-Internal-",

"title" : "BB&T Internal email"



"sec" : "-Secret-",

"title" : "BB&T Secret email"




For more information on JSON samples, see the Android Email+ 3.x Security Classification Guide KB article.