Jun 23 2020 10:28 AM - last edited on Nov 09 2023 11:09 AM by
Hello,
We have AIP and in the last couple of weeks there are lot of complaints about people not able to send/open protected e-mails. E-mails either marked for "Recipients Only" or any AIP unified label that is set for "protection". I am sure this was all working until this last Outlook update.
Jun 23 2020 10:31 AM
Hi, do you have a more specific example of the errors encountered please?
Also, are you using the classic labelling client or the unified client?
Jun 23 2020 01:20 PM
Here is the image of a test message that I sent to myself. I marked the e-mail with AIP label "Confidential\Recipients Only"
Prior to this issue I used to be able to read the email natively in outlook but now I am seeing it as an attachment and I also get a link "Read Message" which points to the below URL:
Which in turn opens the email in OWA rather than in outlook client itself.
When I try to open an e-mail like this from someone else the it opens the same message as below
Jun 24 2020 07:32 AM
Oct 29 2021 02:55 AM
@JamesRV - did you find answer or solution for this problem?
I am having same issue, interestingly - my outlook (O365 Outlook Version 2109 - Current channel) as two three from two different O365 tenant and user experience is different :
1. user1@tenant1.com -
3. sharedmailbox@tenant2.com (user1@tenant2.com is member with full access at this sharedmailbox)
user1@tenant2.com sent encrypted email to user1@tenant1.com and sharedmailbox@tenant2.com and getting following behaviour:
user1@tenant1.com keep getting encrypted email in .rpmsg format like you mentioned where sharedmailbox@tenant2.com (where user1@tenant2.com is full access member) mailbox open encrypted email inside outlook
Feb 10 2022 06:55 PM
@mevaibhav831345 Any resolution on this. I've been in this OME rabbit hole for about 2 years
Feb 14 2022 01:11 AM - edited Feb 14 2022 01:13 AM
@AsTheCrowFlew - Multiple account at Outlook for AIP world in many case more like unsupported scenario especially with AIP UL client at Outlook or there is temporary authentication failure (which usually happen for exchange mailbox behind the scene).
Because of unsupported scenario, there could be different (some unexpected like you see one at your end) UX when there are multiple account at one profile or multiple account spread across multiple profile.
Make sure to have following in-place (there is no permanent fix for my scenario) to deal with .rpmsg UX for email at Outlook when mailbox is hosted at Exchange Online:
Feb 14 2022 04:06 AM
The recipient is often not us, so we don't have the ability to troubleshoot the other end. It's almost always the case that OWA and Microsoft Mail can decrypt the message, but the full Outlook client can't. For many of our partners OWA and Microsoft Mail is not allowed. I want to embrace OME but the recipient behavior is wildly inconsistent making it difficult for users to adopt.
Feb 17 2022 05:00 PM - edited Feb 17 2022 05:17 PM
same here, our clients can't open these new azure encryption mails, it just keep downloading over and over when they click on it, and they never get the 'open message' button in the email. And there not going to become MS email encryption experts to figure it out either. This process use to be so easy with a mail rule Encrypt for the subject line, and the HTML link that always worked via login and one-time passcode. Now the whole process is so convoluted there own techs can't figure out why ours just abruptly stopped working after a decade, unbeknown to us while documents setup in SMTP automation were going out unencrypted to clients. We only discovered it after our SMTP emails also started to fail, then discovered SMTP has to be assigned to the individual user now. We must of missed the memo on that one. the MS tech wrote our new Encrypt by subject line mail rule and it still didn't work. The problem is the have all these different licenses now and they keep changing what they offer and appeared some of our exchange 1 licenses were so old the tech couldn't believe we could encrypt emails ever, I'm still not sure if he believes me, now they can't fix it.
Feb 18 2022 12:47 AM
Feb 18 2022 05:31 AM
Feb 18 2022 06:20 AM
@AsTheCrowFlew yea it's just gotten frustrating. Our clients are medical facilities so email encryption is a must have for us, kind of puts everything at a stand-still. It can't linger on for a day let alone a week like it has with no solution from MS techs, or seemly any sense of urgency. And it's Friday and no word yet this morning. Since our exchange mail rule stopped working MS can't figure it out and we're sort of stuck ATM, all our emails need to be encrypted (PHI). Prior to a couple weeks ago, all we did was put 'encrypt' in the subject line and that would encrypt the mail and our clients would receive an html link they never had any issues opening, either with the one-time passcode or creating a login. Now MS has setup this new encryption method via the azure portal, spent over 2 hrs on the phone with the tech setting it all up and getting it activate (we think), using all these PowerShell commands, creating a new mail flow rule, disabling the old one, adding licensing, not even sure what PowerShell has to do with email encryption to begin with (it's certainly not user friendly like they claim, and none of it worked). How does MS expect admins to figure it out, if they can't. All our clients have their own mail systems, they don't use 365 or outlook. Best we can do ATM is encrypt the email via the lock icon in outlook but our clients can't open the rpmsg message, neither can we. There's no button to 'view this message'. And one can only spend so much time reading about email encryption and sitting on phone with a tech for hours before your sanity starts to slip :). K I'm just ranting now, thanks for responding!
Mar 31 2022 02:43 AM
Mar 31 2022 02:49 AM
Mar 31 2022 03:54 AM - edited Mar 31 2022 03:55 AM
Thanks, but that article seems to focus on setting it up for your organization.
However, in this case it is some external party that just decided to send us an encrypted message this way. We do not use this functionality within our organization, but articles seem to suggest that a receiving party only needs a compatible app to read it. No extra infra settings needed.
User is able to read the email in an Outlook client outside of Citrix. It only refuses to work for the Outlook app within Citrix (OWA opened within the same Citrix sessions opens the e-mail just fine). I still think it's a compatibility issue somewhere but I'll keep looking.
Apr 05 2022 08:01 AM
May 01 2022 03:06 AM
Outlook.live com OWA is not blocked on my computer. It just has zero function to open a .RPMSG file.
It also has zero ability to realize that I am the intended recipient. I don't know what else it doesn't know, but it's as far as possible from artificial intelligence and pretty close to natural ignorance.
What is "non-exchange/OWA" ? Explain!
You say: - if recipient mailbox is on non-exchange/OWA (like social identity) (sic: he/she/it is missing) will continue to see that .rpmsg attachment (at outlook client) even though they use Outlook client.
I say: I can see the RPMSG file in both the OWA version and the "Outlook client" version. Neither of them opens it.
You say: "- if recipient device has multiple account in-use (like recipient using his personal device where he has his own individual personal account in-use along side recipient company account) then also user get into such problem."
I say: So, are you saying that if I have two personal e-mail accounts (my wife and my own) then the whole RPMSG file process gets confused? Even though "the e-mail with the .RPMSG file in it" is clearly and positively addressed to my OWN e-mail address, and not to anyone else. To me that sounds like a major programming mistake that should have been caught before releasing this monstrosity on the public. Seems like MSFT no longer tests or fixes anything.
Regarding your statement "To be honest, due to lack of control/choice - only thing that i can suggest is recipient to get in touch with their IT team. "
Well, what in the world makes you think that the person working at home has something as expensive and as unable to help as a so-called "IT team"? I gather from my searches on the internet that problems with opening .RPMSG files have been around for more than five years now. MSFT is not interested in fixing this. They probably have some kind of statistical threshold that says: If a problem is reported by fewer than 2% of the customers, then we won't respond, won't fix it, because eventually people will give up. At this point it seems that MSFT fired the person in charge of this, so nobody is in charge of the whole mess. It is up to MSFT to prove me wrong by fixing the thing.
Jun 09 2022 11:36 AM - edited Jun 09 2022 11:37 AM
Same issue here for some reasons, with the correct license and settings we are ALWAYS forced to open encrypted emails in OWA. As if Outlook 365 isn't supporting .RPMSG files anymore... more over, it is now adding "message_v2.rpmsg" as attachements, instead of message.rpmsg.
I believe it might be something on Microsoft's end.
Aug 18 2022 02:07 PM
@JamesRV , I just got off the phone with support, and they fixed the issue for me at the tenant level.
Aug 18 2022 02:27 PM
Well, then, do tell how that problem is to be fixed? Is there a free file opening utility somewhere?
Because, I certainly will not pay for something that Microsoft messed up. And, Mr. Jayblaster, why would you post here, saying the "problem was fixed at tenant level", but you do not provide any further detail about this? How is that helpful to anyone?
I fixed the problem by "no longer using the so-called encryption function" made available within the
" https://outlook.live.com/mail " system. I use other systems that do work. If Microsoft is "happy with stuff that does not work", then that is their problem.
Just FYI, I don't use Microsoft OneDrive. Why? Because they do not allow storage of encrypted files.
And why is that? No answer! No explanation!