03-16-2017 03:13 PM
03-16-2017 03:13 PM
Hi, all! I've recently been exploring Office 365 Message Encryption (OME) for a customer who's looking to replace an on-premises email appliance and move entirely into Exchange Online. To do that, I need to meet the requirements that they are currently fulfilling through that appliance. An important make-or-break one is message encryption. If a user uses a keyword in the subject of the email then the message would be encrypted akin to what happens with OME. Thankfully, I can create a rule that does this, and it works great. There's one additional piece I'd like to do and was wondering if any of you would know of a way to do it? I'm not sure yet if this is a deal-breaker for them.
When the appliance sends the email, it does so with a subject like "Somebody sent you an encrypted email." OME preserves the original subject when it sends that email with the instructions to decrypt the email. This is a problem for us because the subject might contain PI or HIPAA information. They need that subject changed to remove the risk of potential sensitive information. I managed to do this in the mail flow (transport) rule by using the "Set the message header to this value" action and changing the "Subject" header to "Somebody sent you an encrypted email." I tested this and it works. However, the original encrypted email, when the user signs in and retrieves it, has its subject changed. The original subject is wiped out and instead is "Somebody sent you an encrypted email." This is far from ideal.
What I'd like to do is only change the subject in that email notifying the user of the encrypted email. You can change a bunch of text inside that email using Set-OMEConfiguration (see https://technet.microsoft.com/en-us/library/dn569292.aspx), but none of the options allow you to change the subject of the email. I just need one more parameter to that cmdlet! :)
I'm pretty sure that what I'm looking for can't be done. I suspect it's like asking for another color in the rainbow. However, I'd like to be sure when I report back to my customer. It's possible that this might be a make-or-break requirement.
03-17-2017 12:36 AM
Afaik no. Transport rules will work as you mentioned, but not to the desired effect. I guess you can request this as a feature on User Voice, perhaps they can add additional parameter to Set-OMEConfiguration.
03-17-2017 09:54 AM
I really think you're right about it not being available. Great idea to request the feature. I'll do that. Thanks, Vasil.
03-17-2017 10:06 AM
User Voice request has been submitted! https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/18648268-of...