diff --git a/addons/mail/mail_thread.py b/addons/mail/mail_thread.py
index e19de4c4c23..06975d2e078 100644
--- a/addons/mail/mail_thread.py
+++ b/addons/mail/mail_thread.py
@@ -589,6 +589,7 @@ class mail_thread(osv.AbstractModel):
         ir_attachment_obj.unlink(cr, uid, attach_ids, context=context)
         return True
 
+    @api.cr_uid_ids_context
     def check_mail_message_access(self, cr, uid, mids, operation, model_obj=None, context=None):
         """ mail.message check permission rules for related document. This method is
             meant to be inherited in order to implement addons-specific behavior.
diff --git a/addons/website_forum/models/forum.py b/addons/website_forum/models/forum.py
index 44a34438145..c12d089e3a0 100644
--- a/addons/website_forum/models/forum.py
+++ b/addons/website_forum/models/forum.py
@@ -387,6 +387,14 @@ class Post(osv.Model):
             self.pool['res.users'].add_karma(cr, SUPERUSER_ID, [uid], post.forum_id.karma_gen_question_new, context=context)
         return post_id
 
+    def check_mail_message_access(self, cr, uid, mids, operation, model_obj=None, context=None):
+        for post in self.browse(cr, uid, mids, context=context):
+            # Make sure only author or moderator can edit/delete messages
+            if operation in ('write', 'unlink') and not post.can_edit:
+                raise KarmaError('Not enough karma to edit a post.')
+        return super(Post, self).check_mail_message_access(
+            cr, uid, mids, operation, model_obj=model_obj, context=context)
+
     def write(self, cr, uid, ids, vals, context=None):
         posts = self.browse(cr, uid, ids, context=context)
         if 'state' in vals: