Looking to report on number of Encrypted vs. Non-Encrypted emails sent by my users internally?

Copper Contributor



I am looking to report on the number of users who are sending encrypted (SMIME Encryption Certificates) vs non-encrypted email to each other. Basically need to track down users who are disabling the functionality or are otherwise not setup correctly. Not the TLS endpoints. 


Seems there was a report in the compliance center circa 2018 but I don't see in there now days. Can you point me in the right direction of a PowerShell script or maybe a report or log I overlooked? 


thanks in advance! 


4 Replies
Define "encrypted"? If you mean TLS, internal messages are always protected, and for external you can find reports under https://admin.exchange.microsoft.com/#/reports/mailflowreportsmain
If you mean RMS/AIP/MIP protected messages, I cannot think of any built-in report, but you can leverage the Activity explorer (https://compliance.microsoft.com/datalossprevention?viewid=activitiesexplorer)
Thank you for replying.

Only my second week with Microsoft 365 so not sure all the branding yet, but I am looking at SMIME Encryption Certificates we have our users use.
Nothing built-in for reporting on S/MIME usage, I'm afraid.
Yeah, that's what I am discovering. Exchange logs don't seem all that useful either. Never used powershell before wondering if we perhaps there is gold there?