diff --git a/apimail/api/views.py b/apimail/api/views.py
index 250465d09b99cc76e4caea7dab96df75b0371abc..6fa4bddd86caf1dc502ec4a87ddce09963f7b391 100644
--- a/apimail/api/views.py
+++ b/apimail/api/views.py
@@ -225,7 +225,6 @@ class StoredMessageUpdateReadAPIView(UpdateAPIView):
     queryset = StoredMessage.objects.all()
     serializer_class = StoredMessageSerializer
     lookup_field = 'uuid'
-    filter_backends = [StoredMessageFilterBackend,]
 
     def partial_update(self, request, *args, **kwargs):
         instance = self.get_object()
@@ -270,7 +269,7 @@ class StoredMessageUpdateTagAPIView(UpdateAPIView):
     Adds or removes a user tag on a StoredMessage.
     """
 
-    permission_classes = [IsAuthenticated, CanHandleStoredMessage]
+    permission_classes = [IsAuthenticated, CanReadStoredMessage]
     queryset = StoredMessage.objects.all()
     serializer_class = StoredMessageSerializer
     lookup_field = 'uuid'
diff --git a/apimail/permissions.py b/apimail/permissions.py
index e732cc28e65a88702f1197755411fbf04ac5e7eb..ef0d2a528a5665d15be934b39a53c592232417bb 100644
--- a/apimail/permissions.py
+++ b/apimail/permissions.py
@@ -33,10 +33,10 @@ class CanHandleStoredMessage(permissions.BasePermission):
         # Check, based on account accesses
         for access in request.user.email_account_accesses.filter(
                 rights=EmailAccountAccess.CRUD):
-            if ((access.account.email == obj.data.sender or
-                 access.account.email in obj.data.recipients)
-                and access.date_from < obj.datetimestamp
-                and access.data_until > obj.datetimestamp):
+            if ((access.account.email == obj.data['sender'] or
+                 access.account.email in obj.data['recipients'])
+                and access.date_from < obj.datetimestamp.date()
+                and access.date_until > obj.datetimestamp.date()):
                 return True
         return False
 
@@ -53,9 +53,9 @@ class CanReadStoredMessage(permissions.BasePermission):
 
         # Check, based on account accesses
         for access in request.user.email_account_accesses.all():
-            if ((access.account.email == obj.data.sender or
-                 access.account.email in obj.data.recipients)
-                and access.date_from < obj.datetimestamp
-                and access.data_until > obj.datetimestamp):
+            if ((access.account.email == obj.data['sender'] or
+                 access.account.email in obj.data['recipients'])
+                and access.date_from < obj.datetimestamp.date()
+                and access.date_until > obj.datetimestamp.date()):
                 return True
         return False