Forum Discussion
Force external users to use OME Portal (versus decryption in Outlook for PC or Outlook Web Access)
AsTheCrowFlew Hello again Paul! As we both have spent quite some time on this conversation, how about making a "best response" to this reply to others for future reference?
1. To use OME standard setting with the default templates Encrypt-Only and Do Not Forward per email. Do it manually.
2. To use OME standard setting and the default templates Encrypt-Only and Do Not Forward automatically not forcing a wrapper. Use EAC transport rules without adding custom branding.
3. To use OME standard setting with the default templates Encrypt-Only and Do Not Forward automatically forcing a wrapper. Use EAC transport rules with custom branding selecting default 'OME Configuration'.
4. To use OME with additional configuration options and the default templates Encrypt-Only and Do Not Forward automatically forcing a wrapper. Use EAC transport rules with custom branding templates (requires Advanced OME).
5. To force all external recipients to use the OME portal use https://docs.microsoft.com/en-us/microsoft-365/compliance/manage-office-365-message-encryption?view=o365-worldwide#use-a-custom-template-to-force-all-external-recipients-to-use-the-ome-portal-and-for-encrypted-email
Obviously one could use PowerShell and other configuration options, but I believe this covers the "basics" pretty good.
Let me know if you put up a UV and I will vote on it.
AsTheCrowFlew To be clear, we don't want to encrypt every message, we just want to force the messages that are encrypted to be viewed through the portal. More accurately, we want to force users of a particular domain to use the portal (but we can tackle that separately).