diff --git a/modules/Emails/views/MassSaveAjax.php b/modules/Emails/views/MassSaveAjax.php
index 3d7d2a6e34a912f24d9cf4e7bc3601a3d6c147b8..be14047ea4605a7bdcfc781407439faca932d603 100644
--- a/modules/Emails/views/MassSaveAjax.php
+++ b/modules/Emails/views/MassSaveAjax.php
@@ -223,7 +223,8 @@ class Emails_MassSaveAjax_View extends Vtiger_Footer_View {
 					Vtiger_Utils::checkFileAccess($oldFilePath);
 
 					//restrict attachment only from storage directory
-					if (strpos($oldFilePath, "storage/") !== 0) {
+					$oldFileRelPath = str_replace('\\', '/', str_replace(realpath($root_directory).DIRECTORY_SEPARATOR, "", realpath($oldFilePath)));
+					if (strpos($oldFileRelPath, "storage/") !== 0) {
                                                 throw new Exception("Attachment access denied");
                                         }
 					copy($oldFilePath, $newFilePath);