Sending and receiving emails securely

 

Through October 2025 taxpayers may use email to communicate with the IRS when working with a specific IRS employee on an ongoing case. Taxpayers can respond securely to emails from these employees or initiate emails if they follow certain procedures to protect their personal information.

On This Page

Using email to communicate with the IRS

To protect your privacy, IRS has restrictive policies regarding the use of email for communication with taxpayers.

Through October 31, 2025, you and your authorized representatives may email documents to us during certain interactions with IRS staff. This is an exception to our normal policy as outlined in a memorandumPDF effective October 31, 2023. We may update this policy exception at any time as we begin to offer ways that are safer than email for you to communicate with us electronically.

When you may use email

The policy exception allowing email communication applies only to certain interactions to address or resolve issues such as audit or collection activities, appeals, or other interactions with IRS Counsel or the Taxpayer Advocate Service. These communications should be:

  • Person-to-person – You are interacting directly with an identified IRS employee
  • Authenticated – the IRS employee has verified your identity and has the authority to interact with you about your case or issue 
  • Recurring – The use of email is part of an ongoing interaction with the IRS, for instance, when responding to information requests in the context of an audit.

When not to use email

You may not use email for communications that do not satisfy the criteria described under “When you may use email.” Unless you’re involved in an ongoing interaction with an IRS employee and they request a document by email, do not use email to respond to an IRS notice or to submit your original tax return to the IRS.  To respond to a notice, follow the directions provided in the specific notice. Send original returns using standard filing procedures (mail or e-file).

Receiving email from the IRS

We will never initiate contact with you by email or require you to communicate with us by email. As always, it’s up to you to decide to send or receive documents electronically.

Authorizing email contact

Before we email you, an IRS employee will contact you by phone to verify your identity and get your consent. The IRS employee will verbally verify your email address and ask you to send an email to their IRS email address to confirm your email address. Include the following statement in the body of your email:

I consent to receive encrypted email from [employee name] and associated IRS personnel for the duration of this [examination/collection activity/etc.].

You may stop communicating with us by email at any time by telling the employee you're working with of your preference.

After getting your consent, the IRS employee may contact you again by phone to tell you to expect an email from them. Always confirm the email address of the IRS employee sending the email .

Opening the message

  1. You will receive an email from the IRS containing the email address of the IRS employee with whom you have been communicating, in the format employee.name@irs.gov. The email will say that this employee has sent you a protected message. Check that the employee email address matches what the employee told you.  
  2. Select the link in the message titled “Read the message.” A secure webpage will open with a link to “Sign in with a One-time passcode.”
  3. Click on this link and you will receive a passcode by email from Microsoft Office 365 Message Encryption. Keep the sign-in webpage open. 
  4. Retrieve the passcode from the new email, return to the sign-in webpage, enter the passcode in the One-time passcode box, and select “Continue.
  5. The message will open in the browser window with any encrypted attachments. You may respond securely to this message by using the “Reply” button.

Sending us email

Confirm the IRS employee’s email address, especially if you’re replying to a previous message. Official IRS email addresses look like this: employee.name@irs.gov.  Be sure you reply to the actual email address of the IRS employee communicating with you, not to the automated notification email stating the employee has sent you a protected message.  
There are two ways to email us:

Replying directly

If you reply directly to an encrypted email you received from the IRS within the secure webpage, the body of your reply and any attachments you send are automatically encrypted for your protection. You can reply any number of times to the same secure IRS email by signing in again to get a new one-time passcode. You do not need to call the IRS employee you are working with every time you send an email.

Never include sensitive or identifying information in the subject line of your email. Encrypted email does not encrypt the subject line.

Emailing us first

You may also initiate an email to the IRS employee assigned to you, using the email address they provided, through your preferred email application. However, this will require some additional precautions such as encrypting any attached documents with passwords. You’ll need to give the IRS employee your email address if you have not already, so they’ll know who you are and to expect your message.

Standard email is not encrypted. Avoid including sensitive information or information that can identify you in both the subject line and the body of your email. This includes your full name, Social Security or taxpayer identification number, personal address, and phone number.

You can send information that identifies you in securely encrypted documents. If you’re uncomfortable emailing your documents, you can always send them to your assigned IRS employee by fax, established secure messaging systems or mail.

Precautions for document transmissions

To email documents to your assigned IRS employee, you should:

  1. Sign any documents that require a signature. Use a digital certificate if you have one; this is the most secure method. If you are signing electronically, keep an unsigned copy of each document in case you need to reopen it to make changes. If you can’t electronically sign a document, print and sign it, then scan or photograph it. Save the image in a standard file format (JPEG, TIFF or PDF).
  2. Unless you’re replying to an email you’ve opened using a one-time passcode, be sure to encrypt any attached documents you’re sending and protect them with strong passwords.

Call your IRS employee and give them the passwords to any encrypted attachments. Never send a password by email.

Encrypting your document

You must encrypt and password-protect any documents you send to your assigned IRS employee whenever you aren’t replying directly to an encrypted email from IRS.

We accept encrypted files in common formats from software like Microsoft Word, Excel, and Adobe Acrobat (PDF) or image formats like JPG and TIFF.

To encrypt a PDF you must have Acrobat Pro or DC. Acrobat Reader can’t encrypt PDFs. Even with Acrobat Pro or DC, many PDFs cannot be encrypted after being digitally signed. In case that happens, before digitally signing, you should keep an unsigned copy you can then sign by hand, scan and encrypt before attaching it to an unsecured email.

During the encryption process, you’ll create a password to provide the IRS employee access the encrypted file. Choose a strong password that’s at least twelve characters long and include a mix of letters, numbers and symbols.

There’s no way to recover a lost password. Create a copy of your original document and save it under a new name. Encrypt, password-protect and send the copy. This way, you can access your original document if the password is lost.