Blog Details

Introduction

Email is one of the most common forms of evidence in Indian disputes — in fraud and cheating complaints, contract and payment arguments, employment and termination matters, and harassment cases. Yet most people try to bring an email to court in the weakest possible form: a printout, or a forwarded copy pasted into another message. A bare printout proves almost nothing about who really sent the email, how it travelled, or whether it has been altered. This guide walks through, step by step, how to certify an email as evidence in India the right way — by preserving the mailbox, exporting the original message with its headers, hashing the file and producing a proper electronic-evidence certificate with e-Dex (formerly Hash Calculator).

Why a Printout or Screenshot Is Not Enough

A printed email or a screenshot of an inbox is secondary evidence — a picture of what appeared on a screen, not the underlying record. It can be retyped, edited in any document tool, or assembled to look like something it is not. More importantly, a printout strips away the parts that actually carry proof: the full headers. Without them there is no record of the true sender, no record of the route the message took between servers, and no reliable timestamp — only the words someone chose to print. Because emails are electronic records, Indian courts generally expect them to be supported by a certificate rather than simply tendered as paper. So the question “is an email printout admissible in court in India?” usually has the same answer: on its own, it is weak and easily challenged. The fix is to work from the original message and certify it, which is what the steps below do.

Step 1 — Preserve the Mailbox

Before exporting anything, preserve the source. Keep the email account and the original message intact, and do not delete or move the email while a dispute is live. If your provider or organisation offers a hold or archive on the mailbox, switch it on so the message and its metadata cannot be purged. Note which account holds the email, who has access to it, and from when — that record, the chain of custody, is what lets you later explain how the email reached the court untouched. The original mailbox is your strongest anchor; everything that follows is a controlled copy of what lives there.

Step 2 — Export the Original Message With Headers

This is the most important step. Do not screenshot — export the original message as a file that keeps its full headers. In most desktop clients you can save a message as an .eml file (Outlook, Thunderbird, Apple Mail) or an .msg file (Outlook); in webmail you can usually open the message, choose Show original or View source / download message, and save the raw .eml. These files preserve the headers that a printout throws away: the sender and recipient addresses, the Received hops that show the routing as the mail passed from server to server, the date and time, and authentication results such as SPF, DKIM and DMARC. Critically, do not forward the email to yourself first — forwarding wraps the message and strips or rewrites the original headers, leaving you with a different record. For higher-stakes matters, a forensic export by a qualified examiner gives stronger provenance than a manual save. Either way, the key point is this: e-Dex does not connect to your mailbox or extract anything. You export the .eml / .msg with your mail client (or an examiner extracts it), and e-Dex then hashes and certifies the resulting file.

Step 3 — Record the Particulars

A certificate is only as useful as the facts it pins down, so write down the particulars while they are fresh. Record the account or mailbox the email belongs to, the sender and recipient(s), the subject and the date and time of the message, and how it was exported (which client, the “save as .eml/.msg” step, or a named forensic tool and method). If there are attachments, note them as separate exhibits. These details turn an anonymous file into an exhibit tied to a real account, real parties and a real method — exactly the questions a court will ask.

Step 4 — Hash the Exported File

Now fingerprint the exact bytes. In e-Dex, add the exported .eml or .msg file (and any saved attachments) and compute a cryptographic hash — SHA-256, and other algorithms such as SHA-512, MD5 or BLAKE3 if you wish — over each one. A hash is a fixed-length digital fingerprint: recompute it later and, if it matches, the file is bit-for-bit identical to what you exported; change a single character — even one header line — and the hash changes completely. This is what lets anyone — the court, the opposing party, your own expert — confirm the exported email has not been edited since it was certified, without taking your word for it.

Step 5 — Generate the Certificate

With the file hashed, generate the certificate itself. e-Dex produces a Section 63 BSA / Section 65B electronic-evidence certificate (or a dedicated Email Forensics certificate) that records the source mailbox, the export method and the integrity hashes, with an explicit MATCH verification against each exhibit. The output follows the familiar Part A / Part B Schedule form — Part A describing the electronic record and how it was produced, Part B listing the source and the hash values — so it reads the way a court expects. If you want to see the structure first, this Section 65B certificate format with an example is a useful reference, and you can read more about what an evidence integrity certificate contains.

Step 6 — Sign and Timestamp

Finally, make the certificate tamper-evident. e-Dex can apply a PAdES digital signature using a Digital Signature Certificate (DSC) on a USB token, binding the signer's identity to the document so any later edit is detectable. It can also attach an RFC-3161 trusted timestamp from a Time-Stamping Authority, providing independent proof that the certificate existed in that exact form at that moment. Both steps run from your own Windows machine; only the timestamp touches the internet, and everything else stays fully offline.

Common Pitfalls

A few mistakes account for most weak email evidence. Relying on a screenshot or printout instead of the original message leaves you with secondary evidence that is easy to attack. Forwarding the email to yourself before exporting is a classic error — it strips or rewrites the original headers, so you certify a copy that has already lost its provenance. Missing metadata — no mailbox, no parties, no date, no export method — leaves the court unable to connect the file to anything. And deleting or moving the message before you preserve the mailbox breaks the chain of custody and removes your ability to re-verify the source. The six steps above are designed to avoid each of these.

A Note on Legal Advice

It is worth stating the legal background plainly, as general information only. The Bharatiya Sakshya Adhiniyam 2023 replaced the Indian Evidence Act 1872 and came into force on 1 July 2024; Section 63 BSA is the successor to Section 65B of the old Act, and both require a certificate for electronic records. In Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) the Supreme Court held that a Section 65B(4) certificate is a mandatory pre-requisite for admitting secondary electronic evidence, while recognising relief where a party genuinely cannot obtain it because the device or record is in someone else's possession. That is general information and the law continues to evolve under the BSA, so you must verify the current position. e-Dex helps you produce a well-structured, integrity-backed certificate; it is a tool, not legal advice and not a substitute for counsel. Who must depose to the certificate, how the email was lawfully obtained, and exactly how it is tendered all depend on the facts of your matter and on the text of the provision as it stands. For a broader walkthrough, this guide to electronic-evidence certificates in India is a good starting point. Always read the current provision and take advice where the stakes warrant it — e-Dex does not guarantee that any record will be admitted, because that is for the court to decide.

Frequently Asked Questions

Are emails admissible as evidence in India?
Emails are electronic records, so under Section 63 of the Bharatiya Sakshya Adhiniyam 2023 (the successor to Section 65B of the Indian Evidence Act) they generally need to be accompanied by a certificate to be admitted. They are not automatically admissible just because they are printed out. e-Dex helps you produce a well-structured certificate, but admissibility is ultimately for the court to decide on the facts.

Is an email printout or screenshot enough for court?
Usually not on its own. A printout or screenshot is secondary evidence that can be edited and carries no proof of the sender, the routing or the timestamps. Indian courts generally expect electronic records to be supported by a certificate. A stronger approach is to export the original message with its full headers, hash it and certify the resulting file.

How do I get a Section 65B / 63 certificate for an email?
Preserve the mailbox, export the original message with full headers as a .eml or .msg file, record the account and parties, hash the file with a tool such as e-Dex, and then generate a Section 63 BSA / Section 65B electronic-evidence certificate recording the source mailbox and the integrity hashes with a MATCH verification. You can then sign it with a Digital Signature Certificate and apply a trusted timestamp.

What are email headers and why do they matter as evidence?
Email headers are the hidden technical lines at the top of a message. They record the sender and recipient addresses, the Received hops as the mail travelled between servers, the date and time, and authentication results such as SPF, DKIM and DMARC. They are what tie a message to a real route and a real account, which is why a header-less printout is far weaker evidence.

Can emails be forged or altered?
Yes. The visible body and even the From address can be spoofed or edited, and a printout can be retyped entirely. That is why headers and integrity hashing matter. Hashing the exported .eml or .msg does not by itself prove the message is genuine, but it fingerprints the exact bytes so anyone can confirm the file has not changed since it was certified, and the headers help an examiner assess authenticity.

Conclusion

An email can decide a case — but only if you present it as more than a printout. Preserve the mailbox, export the original message with its headers, record the particulars, hash the file and wrap it in a signed, timestamped Section 63 certificate, and you give the court something it can actually verify. Let your mail client or a forensic examiner produce the export, then let e-Dex — the Digital Evidence Integrity Suite hash the exhibits, capture the details and generate a court-ready certificate on your own Windows machine, fully offline and free to try.