Forum Discussion
How do I read client's responses to my encrypted emails?
I'm sending encrypted emails to my Gmail as a test, and I would respond back from my Gmail. I just found out I have this encryption feature by going to Options tab > click Encrypt when drafting an email.
When I receive the response back from Gmail account, the email states "email address removed for privacy reasons sent you a protected message" with a "read the message" link. The read link seemingly does nothing. It just creates another browser tab and shows me the exact same email with the read link.
I've tried opening the read link from OWA in incognito mode, tried different browser and tried opening on my phone but the same results. I also tried out the desktop Outlook (New) to see if it's any better, but clicking on the "Read the message" link always tries to open a webpage anyways.
I'm making sure no other M365 account is being used (I only have one) since that seems to be a common comment in similar threads. Any ideas on what's happening?
8 Replies
Hi Tech_Stacker,
This is a common and frustrating issue with Microsoft's message encryption, especially when dealing with external recipients like Gmail. You've correctly identified the core problem: the "Read the message" link isn't leading to the expected decryption portal for the Gmail response.
Here's a breakdown of what's likely happening and what you can try:
Understanding Microsoft's Encryption and Gmail's Handling:
When you send an encrypted email from Outlook (M365) using the "Encrypt" option, it's typically leveraging Microsoft Purview Message Encryption (formerly Office 365 Message Encryption - OME), which is built on top of Azure Information Protection (AIP).
For internal Microsoft 365 recipients: The message usually decrypts seamlessly within Outlook/OWA.
For external recipients (like Gmail, Yahoo, etc.): Microsoft sends a "wrapper" email. This wrapper email contains:- The subject and sender information.
- A link (the "Read the message" link) that directs the recipient to a secure web portal hosted by Microsoft.
- Through this portal, the recipient authenticates (usually by signing in with their Gmail/Microsoft/Yahoo account or requesting a one-time passcode to their email address) to view the encrypted content.
As per my understanding "Read the message" link is failing for your Gmail response because when Gmail receives the encrypted email and you click the "Read the message" link, it should take you to Microsoft's portal for decryption. However, when you reply from Gmail, Gmail doesn't know about Microsoft's encryption method.
Instead, when you reply to an encrypted message from the Microsoft OME portal (which is what usually happens when a Gmail user reads an encrypted message and replies through the portal), the reply itself is sent back as an encrypted attachment, usually a .rpmsg file (Rights-Managed Email Message).
So my conclusion is - your Gmail response is coming back not as a clear-text reply that Outlook can easily decrypt, but potentially as another form of protected message that Outlook isn't automatically handling, or the "Read the message" link in the response email is actually pointing back to the original encrypted email you sent, not the encrypted reply from Gmail.
So, when you receive the response from Gmail, can you check if there is an attachment in your Outlook email, typically named something like message.rpmsg or message_v2.rpmsg?
If there is an .rpmsg attachment, you need to double-click this attachment within your desktop Outlook client. This is the actual encrypted reply content. Outlook (especially if you're signed in with the same M365 account that sent the original email) should then be able to decrypt and display the content.
If no .rpmsg attachment is present (which would be unusual for an encrypted reply):
Go back to the email from Gmail. Click the "Read the message" link. When the new browser tab opens, carefully observe the URL. Does it look like a Microsoft OME portal URL (e.g., https://outlook.office365.com/.... or https://portal.azurerms.com/...)? And check, if it gives you options to sign-in with your Microsoft or Google account?
Hi Gyan, you have my experience down to the T! I appreciate the explanation of its process during sending and receiving back the email. Very concise!
Yes I also receive those message_V2.rpmsg attachments. However I can't double-click on them (in Outlook desktop) to read those messages. Windows asked me which program the file type needs to be associated with. If I were to manually browse to the Outlook program, Windows just throws an error along the lines of the file type can't be associated with the program. I am trying my best to troubleshoot this on my own, but I am at roadblock again with this particular issue.
I'm seeing references from videos and articles that I supposedly can open this file on OWA, but clicking on it just downloads the rpmsg file to my local computer. Have you had experience on what the issue is and what I can do to fix this? Apologies if this is a duplicate reply. This website seems to want to approve of my reply before posting.Hi Tech_Stacker,
Thanks for writing me!
Apologies for the delayed response — I was away from work due to personal reasons.
I don’t see any problems with what you’re trying. So, if you are still facing the issue and possible for you, could you generate a sample message_v2.rpmsg file and share it with me? That way, I can review it and try to look into the problem you’re facing.
Wow - you described my exact experience to the T'. I had to read that 2-3 times with how accurate it is!
I appreciate the explanation of the entire process and why it's more difficult with an external email address like Gmail.
Yes, I do get an attachment called message_v2.rpmsg. I have tried opening it on my Outlook for Desktop and OWA but I haven't had luck.I promise - I am doing my best due diligence to troubleshoot this myself with my Google-fu. When I open this attachment from my desktop Outlook, Windows asked me which program to open this file with. Even if I tried to manually browse to the Outlook application, the computer says the file can't be associated with the program (Outlook). I'm also seeing references that I should be able to open this rpmsg file on OWA, but whenever I click on the attachment itself from OWA it just downloads the file to my computer.
I am making sure that my Outlook desktop has only one M365 account logged in, so I assume my Outlook should be able to automatically decrypt that attachment. It's the same account + application that I send out the encrypted email. Have you run into this issue before? In the meantime, I will plan to test this on my laptop to see if it works. Maybe it's my desktop PC that's the problem...
Are you using a paid 365 Business account with the encryption or a 3rd party encryption? Or what are you using? Knowing that will help us, help you.
I have the Business Standard license, thank you!
hi Tech_Stacker since I don't know what else you've done to setup your encryption, generally you have to have a few configurations (from what I have seen in the past) to use it through Outlook/365. I tested it and it failed before I even sent it out, so you have something configured correctly to be able to send it. You might want to reach out to Microsoft business support to help with this one.
In Outlook click File → Properties → Security Settings → Decrypt and you're done!
