diff --git a/admin/admin_reply_ticket.php b/admin/admin_reply_ticket.php
index 62255dd1..a2b5ba22 100644
--- a/admin/admin_reply_ticket.php
+++ b/admin/admin_reply_ticket.php
@@ -122,7 +122,9 @@ if (strlen($message)) {
 // Attach signature to the message?
 if (!$submit_as_customer && !empty($_POST['signature'])) {
 if ($modsForHesk_settings['rich_text_for_tickets']) {
- $message .= "

" . nl2br($_SESSION['signature']) . "
";
+ $signature = nl2br($_SESSION['signature']);
+ $signature = hesk_htmlspecialchars($signature);
+ $message .= "

" . $signature . "
";
 } else {
 $message .= "\n\n" . addslashes($_SESSION['signature']) . "\n";
 }
diff --git a/inc/email_functions.inc.php b/inc/email_functions.inc.php
index 9a1581f0..044472ef 100644
--- a/inc/email_functions.inc.php
+++ b/inc/email_functions.inc.php
@@ -804,7 +804,16 @@ function hesk_processMessage($msg, $ticket, $is_admin, $is_ticket, $just_message
 $htmlMessage = nl2br($ticket['message']);
 $msg = str_replace('%%MESSAGE_NO_ATTACHMENTS%%', $htmlMessage, $msg);
 } else {
- $msg = str_replace('%%MESSAGE_NO_ATTACHMENTS%%', $ticket['message'], $msg);
+ $plainTextMessage = $ticket['message'];
+ $message_has_html = checkForHtml($ticket);
+ if ($message_has_html) {
+ if (!function_exists('convert_html_to_text')) {
+ require(HESK_PATH . 'inc/html2text/html2text.php');
+ }
+ $plainTextMessage = convert_html_to_text($plainTextMessage);
+ $plainTextMessage = fix_newlines($plainTextMessage);
+ }
+ $msg = str_replace('%%MESSAGE_NO_ATTACHMENTS%%', $plainTextMessage, $msg);
 }
 }
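Review bot: In admin/admin_reply_ticket.php the two added signature lines run in the wrong order: `nl2br()` inserts `<br />` tags first and `hesk_htmlspecialchars()` then, assuming it wraps `htmlspecialchars()`, escapes those tags, so a multi-line signature would show literal `<br />` text instead of line breaks in the rich-text reply. Escape first and convert newlines afterwards: `$signature = nl2br(hesk_htmlspecialchars($_SESSION['signature']));`. If signatures are already HTML-encoded when the profile is saved, which the hunk does not show, also confirm this does not double-encode entities. The enclosing `if (strlen($message))` block starts and ends outside the hunk.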
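Review bot: In inc/email_functions.inc.php the new plain-text branch passes ticket content straight to `convert_html_to_text()` with no failure handling. The message can be customer-supplied markup, and if the bundled html2text library throws on HTML it cannot parse (worth confirming against inc/html2text/html2text.php), one malformed ticket would abort the notification e-mail. Catching the failure and falling back to a tag-stripped body keeps the mail going out, as sketched below. The body of hesk_processMessage starts and ends outside the hunk.

```php
if ($message_has_html) {
    // … unchanged: conditional require of inc/html2text/html2text.php …
    try {
        $plainTextMessage = fix_newlines(convert_html_to_text($plainTextMessage));
    } catch (Exception $e) {
        // Conversion failed on malformed markup: still send a readable plain-text body.
        $plainTextMessage = strip_tags($ticket['message']);
    }
}
```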