Hey Ric, this is not something that you can do. Once it leaves the sender's hands, it's out of their control.
Ric, like Dory said, not possible with standard email as sent from Marketo.
This can only work in certain locked-down environments where the mail client (for example, Outlook) agrees to obey the permissions set in an email's digital signature* and/or where all emails go through a central collaboration server (for example, Exchange) that enforces similar policies. Any mail client that doesn't understand or disregards policies (say, Mozilla Thunderbird downloading from Exchange using IMAP) can forward whatever they want.
You might want to think about this from another angle: do you really want to prevent people from forwarding emails, or do you want the links in those emails to expire (or at least appear to expire)? What are the actual use cases you're confronting here, and how do they outweigh the value of people, in effect, voluntarily sharing your marketing content (s/o Josh Hill)?
* In theory, Marketo could sign emails accordingly for Outlook users. But I think this would cause more harm than good.
As Dory said, this is not really a controllable situation.
As Sanford suggests, what is it you really want to do and why? In almost all cases, there is no reason to care if someone forwards your email. And that there could be viral benefits to do this.
If you are sending private information by email, then you should reconsider your approach and ask people to login to a system that you can control better.
Easy way: Segment Leads. If they're in segment, they get the page you want. If not, a page that says "Scram!"
Not so good way: Put a form on the page. If known user, show custom HTML. Problem is that if they exist in your instance for any other reason they'll see the good stuff.
Hardest, safest way. Write a page with a script re-directing to the good page, store it in Marketo.
In your landing page, call the script if the visitor meets the criteria based on the lead to which they're tied. If you're sending the email through marketo then you have that person's info saved. Now, they'll have to be known leads in Marketo already. You can't send it to people out of the blue.
How I would do this: Send them an email inviting them to receive information. They go to a Marketo page and sign up for it. They're then sent a link to access the content. They click the link and you run a script that reads the lead tied to the cookie, not the token passed in the Email URL. If they meet the criteria, you re-direct them to the new page. If they don't, you forbid them from getting to the page.
But none of these stop someone from forwarding a link to whoever they want. There simply is no way to distinguish "real me" clicking from Outlook from "fake me" clicking from Gmail.
You can start trying out must-match-known-lead policies after someone is already associated, but before then it's impossible.
Sure there is.
Look, if I forward an email to you with a link to a landing page, the form will pre-pop with information tied to the cookie on your account. I just tested this yesterday. I'll forward you an email to a page and when you get there you won't see my info on the form. Emails are tracked by the token in the URL parameter but once they're on the page the cookie takes over.
Case in point:
Send an email to yourself directing you to a form.
Once you get to the form, put in new information.
Of course if you put in new information you're self-identifying as someone else! That should be obvious. If you always make someone enter or confirm "their" (hah) personal information instead of using Marketo's built-in association, then you naturally have control.
If I forward a Marketo email with a tracked link to someone else, when they click they are indistinguishable from me. This is the downside of automatic association, but we can't just wish away that this is the way people expect to use the platform.
I should clarify - if the person who is clicking on the email already has a Marketo record, it will kick them out. If the person to whom the email was forwarded is unknown, it will associate them. Forgot about that part.
So then, what you'd probably want to do:
Have the user register for the email.
If they're on the "approved list"...
Send them to a link to verify their email address.
If they're not on the Approved list...
Send them a "We're Sorry" email
On the verification landing page...
Write a cookie indicating they're authorized to view the information.
Send them the link to the page....
Check to see if they have the authorization cookie. If not, kick them out.