cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

OWA Protect - Do Not Forward details

Mike Marien
Copper Contributor

‎May 17 2018 09:40 AM - edited ‎May 17 2018 09:40 AM

‎May 17 2018 09:40 AM - edited ‎May 17 2018 09:40 AM

OWA Protect - Do Not Forward details

Greetings Folks,

 

Just trying to get a better understanding of DNF with our Office 365 setup. I finally found this link, which explained a lot, but what I am still stuck on is if the the DNF rules only apply to other users within our domain.

 

In other words, if I am sending from my @example.com account to another @example.com user, the DNF rule makes sense, we don't want the message to leave our organization (@example.com).

 

If I send an email from my @example.com email to a @contoso.com email address and apply the DNF policy, it seems the recipient at @contoso.com cannot even open the message. Is that the expected behavior? As in, the DNF rule disallows the message from leaving @example.com's organization, so by sending the message to @contoso.com, the rule is doing what it's supposed to and not allowing the recipient to open?

 

I guess this leads to a more basic question of, is the default DNF rule usable for recipients outside our organization?

 

( I'll apologize if this has been covered before, but I've been searching for the last 2 hours for clarification and couldn't find anything. Any clarification will be appreciated! :) )

Labels:
4,020 Views
0 Likes
4 Replies
Reply
4 Replies
Vasil Michev

‎May 17 2018 11:58 AM

‎May 17 2018 11:58 AM

Re: OWA Protect - Do Not Forward details

Depends on the type of recipient and the "flavor" of DNF you currently have setup. The way RMS works, the client (Outlook) needs to contact the server (Azure RMS) to obtain a "license" which is used to decrypt the message. In order to do so, the client will pass along the user credentials, and obviously the user needs to be able to authenticate against Office 365. This is not possible for a @gmail.com account for example, for such scenarios you can use the new "O365 message encryption" feature, which works seamlessly for external recipients as well by using a "proxy" portal. Read more about it here: https://support.office.com/en-us/article/set-up-new-office-365-message-encryption-capabilities-built...

0 Likes
Reply
Mike Marien

‎May 21 2018 07:39 PM

‎May 21 2018 07:39 PM

Re: OWA Protect - Do Not Forward details

@Vasil Michev, thank you for your response.  In looking through our account, I believe we have basic RMS setup.  I was testing both DNF and Protect -> Encrypt options from within the web client.

 

I believe we've tracked down where the issue was with one of our customers given the information.

 

The only remaining think that I'd be curious about from anyone, is if it's possible to change the default behavior of the Protect button in the web client.  By default, it does DNF, I have several requests to modify it (if possible) to Encrypt instead.

 

Is anyone aware if this is possible to change?

0 Likes
Reply
Vasil Michev

‎May 21 2018 11:29 PM

‎May 21 2018 11:29 PM

Re: OWA Protect - Do Not Forward details

Afaik you cannot modify this.

0 Likes
Reply
Mike Marien

‎May 22 2018 09:25 AM

‎May 22 2018 09:25 AM

Re: OWA Protect - Do Not Forward details

I presumed that was the case, but I figured I'd check.  Thank you very much, your info was greatly appreciated! :)

0 Likes
Reply