We are Office 365 Enterprise customers. I have setup an open relay SMTP connector through our 365 Exchange Online service, for use by our internal office machines to be able to scan-to-email documents to both internal and external entities. I also setup a compliance policy that automatically encrypts outbound emails containing credit card information. Our industry is a bit ancient in that many of our customers and vendors still rely on sharing credit card information via email message bodies or PDF attachments. The compliance policy works excellent for this, it does not require our employees to specifically select email encryption. However I have noticed that the open relay connector does not integrate with this compliance policy. Am I missing something or is there no way to automatically encrypt these scant-to-emails? Even if I have our employees scan-to-email them to their own mailboxes so that they can then forward the emails/attachments to the external recipient using manual encryption the emails still travel through 365 unencrypted. This is not only unacceptable from an enterprise standpoint, it is a violation of PCI-DSS requirements.
What are other options for 365 customers to ensure these emails are encrypted?