SOLVED

External users cannot open encrypted email


Hi all, I searched the communities but couldn't find the answers I need with regard to Office 365 Message Encryption.

We have a customer that wants to send encrypted emails from Outlook.

When a non-Microsoft recipient (e.g. Gmail user) receives these emails they cannot open them. They get the following:

telecaster_0-1590989795644.png

It's my understanding that external recipients should be able to view encrypted email as per this article.

Can someone please help?

The sending user has a Microsoft 365 Business Premium license, and Azure Information Protection is active under the 365 tenant.

Thanks


Ash

25 Replies

@piekedahla Hello, well, I have used and configured the new OME so that external users who are not using EXO, for example, but instead Gmail, Yahoo etc., use either an OTP or their Social ID sign-in to enter the OME portal.

What do your IRM config, OME config and mail flow rules look like? You said you're using AIP now. That's quite different, as OME only has "Encrypt-Only" and "Do Not Forward" as options. The other options you get from your client are based on AIP.

You can even force all external users to go to the OME portal: Manage Office 365 Message Encryption - Microsoft 365 Compliance | Microsoft Docs

Out of curiosity, does the rule look similar to this? (Sorry about the quality.)

bec064_0-1611677913909.png

I suggest you reach out to Microsoft for tech assistance. Something is obviously not configured properly.
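
Added example, not part of the reply above and not Microsoft's own script: a read-only Exchange Online PowerShell review of the three things that reply asks about (IRM config, OME config, mail flow rules). It assumes the ExchangeOnlineManagement module and an admin sign-in; the sender address is a placeholder.

```powershell
# Added example: read-only review of OME-related settings in Exchange Online.
# Assumes the ExchangeOnlineManagement module is installed and an admin can sign in.
$Sender = 'sender@contoso.example'   # placeholder: a licensed mailbox in the tenant

Connect-ExchangeOnline
$findings = [System.Collections.Generic.List[string]]::new()

# 1. IRM config: the new OME capabilities rely on Azure RMS licensing being enabled.
$irm = Get-IRMConfiguration
if (-not $irm.AzureRMSLicensingEnabled) {
    $findings.Add('IRM: AzureRMSLicensingEnabled is False.')
}

# 2. OME config: external recipients enter the portal with a one-time passcode
#    (OTP) or a social ID sign-in, so at least one of the two must be enabled.
foreach ($ome in Get-OMEConfiguration) {
    if (-not $ome.OTPEnabled -and -not $ome.SocialIdSignIn) {
        $findings.Add("OME '$($ome.Identity)': OTP and social ID sign-in are both disabled.")
    }
}

# 3. Mail flow rules: ApplyOME is the legacy OME action; the new capabilities
#    use ApplyRightsProtectionTemplate (for example the Encrypt template).
foreach ($rule in Get-TransportRule) {
    if ($rule.ApplyOME) {
        $findings.Add("Rule '$($rule.Name)': uses the legacy ApplyOME action.")
    } elseif ($rule.ApplyRightsProtectionTemplate) {
        Write-Host "Rule '$($rule.Name)' applies template: $($rule.ApplyRightsProtectionTemplate)"
    }
}

# 4. End-to-end check that the sender can obtain templates and licenses.
Test-IRMConfiguration -Sender $Sender

if ($findings.Count -eq 0) {
    Write-Host 'No configuration findings.'
} else {
    $findings | ForEach-Object { Write-Warning $_ }
}
```

The script only reads configuration; any change (for example with Set-IRMConfiguration or Set-OMEConfiguration) is a separate, deliberate step.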

@ChristianBergstrom

Hi folks, just wondering if there is a simple fix to this yet? I am very much a non-tech person just trying to help my wife send encrypted mail for her business via 365. All works fine as per the previous threads, Outlook to Outlook, but not with Gmail. All the advice in the previous threads looks too daunting for me to try! Hoping a simple fix has been found? Thanks, Phil

@ashmelburnian

We had to move to Azure and start using the new encryption method.  When we made the change, encrypted messages sent to Gmail, Hotmail, Outlook, and other e-mail services could be decrypted.  Azure enabled the authentication needed to make the decryption process seamless.  Now, all is well.  Our external partners and collaborators can open and respond to secured messages sent to their corporate and personal accounts.

@piekedahla 

Thanks for the reply. So a full switch to Azure rather than just the Azure access given to you via a 365 subscription?

We had to migrate to Azure Information Protection:

Set up new Message Encryption capabilities (https://docs.microsoft.com/en-us/microsoft-365/compliance/set-up-new-message-encryption-capabilities...)

Important
If you use Active Directory Rights Management service (AD RMS) with Exchange Online, you need to migrate to Azure Information Protection before you can use the new OME capabilities. OME is not compatible with AD RMS.

@ashmelburnian I am with you. Microsoft and Google need to work together on this.

I use Gmail. When an Outlook user sends me an email I get this.

KevinOsborn_0-1706796325912.png

If I click the message.html attachment I get a new Chrome window with this message.

KevinOsborn_1-1706796393518.png

If I download the message.html and double-click/run the file, it does nothing different than if I click the file from within Gmail (i.e. it opens a new Chrome window/tab), like this.

KevinOsborn_2-1706796490388.png

Now I have to sign in with my Microsoft account to see the message.

My issue is that I'm already signed in to my Microsoft account with "stay signed in" checked, so when I get an encrypted message in Gmail, just display the freaking message. I'm already signed in to my Microsoft account, so stop making me jump through hoops to see the message. Sometimes I get a couple dozen encrypted messages a day and I have to go through the ridiculous process for every single message.