Home

Microsoft Transport Rule to Encrypt Sensitive Email

%3CLINGO-SUB%20id%3D%22lingo-sub-330165%22%20slang%3D%22en-US%22%3EMicrosoft%20Transport%20Rule%20to%20Encrypt%20Sensitive%20Email%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-330165%22%20slang%3D%22en-US%22%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EMicrosoft%20has%20released%20details%20of%20an%20Exchange%20Online%20transport%20rule%20to%20encrypt%20outbound%20email%20containing%20sensitive%20data%20types%20like%20credit%20card%20numbers.%20The%20rule%20works%20(after%20fixing%20the%20PowerShell)%2C%20but%20needs%20to%20be%20reviewed%20and%20possibly%20adjusted%20to%20meet%20the%20needs%20of%20Office%20365%20tenants.%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Foffice365itpros.com%2F2019%2F02%2F04%2Ftransport-rule-encrypt-sensitive-email%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Foffice365itpros.com%2F2019%2F02%2F04%2Ftransport-rule-encrypt-sensitive-email%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-330165%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%20Server%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-333919%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Transport%20Rule%20to%20Encrypt%20Sensitive%20Email%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-333919%22%20slang%3D%22en-US%22%3E%3CP%3EI%20was%20hoping%20MSFT%20would%20provide%20a%20way%20of%20creating%20a%20scoped%20connector%20which%20tested%20if%20the%20recipient%20could%20do%20TLS1.2%20and%20if%20not%20automatically%20apply%20OME.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20a%20lot%20of%20sensitive%20outgoing%20email%20that%20needs%20to%20be%20encrypted%20in%20transit.%20Using%20a%20TR%20to%20put%20it%20out%20on%20a%20scoped%20connector%20with%20mandatory%20TLS%20when%20the%20default%20behaviour%20is%20to%20try%20TLS%20then%20go%20into%20a%2024%20hour%20retry%20cycle%20is%20no%20use.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20wanted%20a%20connector%20that%20tried%20TLS%20then%20would%20sense%20the%20failure%20and%20instead%20wrap%20the%20message%20in%20OME%20and%20send%20that.%20We%20don't%20have%20the%20time%20to%20maintain%20lists%20of%20recipients%20that%20can't%20to%20TLS%20and%20test%20for%20the%20domain%20in%20the%20TR.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Tony Redmond
MVP

 

Microsoft has released details of an Exchange Online transport rule to encrypt outbound email containing sensitive data types like credit card numbers. The rule works (after fixing the PowerShell), but needs to be reviewed and possibly adjusted to meet the needs of Office 365 tenants.

https://office365itpros.com/2019/02/04/transport-rule-encrypt-sensitive-email/

1 Reply

I was hoping MSFT would provide a way of creating a scoped connector which tested if the recipient could do TLS1.2 and if not automatically apply OME.

 

We have a lot of sensitive outgoing email that needs to be encrypted in transit. Using a TR to put it out on a scoped connector with mandatory TLS when the default behaviour is to try TLS then go into a 24 hour retry cycle is no use.

 

We wanted a connector that tried TLS then would sense the failure and instead wrap the message in OME and send that. We don't have the time to maintain lists of recipients that can't to TLS and test for the domain in the TR.

 

 

Related Conversations
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
Teams error code - 6
damnit95 in Office 365 on
4 Replies
Email Domain for Posts to a Channel
Jim Hill in Microsoft Teams on
17 Replies
iOS Native VS Outlook
Daniel Schmidt in Microsoft Intune on
7 Replies
Receiving emails is delayed
Kristen_100 in Microsoft Teams on
1 Replies