SOLVED

message.rpmsg

%3CLINGO-SUB%20id%3D%22lingo-sub-135378%22%20slang%3D%22en-US%22%3ERE%3A%20message.rpmsg%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-135378%22%20slang%3D%22en-US%22%3EHi%20Vasil%2C%20That%20worked%20a%20treat%20and%20is%20now%20so%20much%20easier%20-%20thank%20you.%20I%20have%20a%20few%20questions%20around%20using%20the%20solution%20with%20external%20recipients%20if%20you%20can%20help%3F%201)%20If%20I%20send%20an%20email%20to%20fred%40mycompany.com%20(no%20attachments)%20with%20a%20protection%20policy%20applied%20that%20fred%20is%20not%20included%20in%2C%20I%20presume%20fred%20will%20not%20be%20able%20to%20open%20the%20email%3F%202)%20If%20I%20send%20an%20email%20to%20fred%40mycompany.com%20(with%20unprotected%20attachment)%20and%20use%20the%20Do%20Not%20Forward%2C%20I%20presume%20fred%20can%20open%20the%20email%20and%20the%20attached%20but%20presume%20the%20attachment%20is%20not%20protected%20and%20could%20be%20extracted%20%2F%20screen%20grabbed%3F%203)%20If%20I%20send%20an%20email%20to%20fred%40mycompany.com%20(with%20a%20mix%20of%20protected%20and%20unprotected%20attachments%20and%20use%20a%20separate%20protection%20policy%20for%20the%20email%20compared%20to%20the%20protected%20attachments%2C%20I%20guess%20the%20unprotected%20documents%20get%20the%20over-arching%20policy%20but%20do%20the%20originally%20protected%20attachments%20retain%20their%20previous%20policy%2C%20get%20a%20replacement%20policy%20or%20a%20composite%20policy%3F%204)%20If%20fred%40mycompany.com%20is%20not%20listed%20in%20a%20particular%20policy%20but%20I%20want%20to%20add%20him%2C%20does%20fred%20have%20to%20be%20added%20by%20an%20admin%20in%20the%20policy%20settings%20(i.e.%20add%20to%20Azure%20directory%20as%20contact)%20then%20applied%20to%20the%20policy%20before%20I%20can%20email%20fred%20(I%20know%20that%20this%20can%20be%20done%20using%20the%20AIP%20client%20using%20the%20Classify%20and%20Protect%20feature%20to%20add%20other%20recipients%20but%20I%20can't%20see%20how%20this%20can%20be%20applied%20using%20an%20email%20client%20or%20using%20a%20Word%20document%20if%20stored%20in%20Sharepoint)%3F%20Sorry%20-%20a%20lot%20of%20questions%20but%20these%20are%20the%20main%20scenarios%20that%20present%20themselves%20when%20implementing%20the%20solution.%20Your%20thoughts%20are%20gratefully%20received%20%3A-).%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-134543%22%20slang%3D%22en-US%22%3ERe%3A%20message.rpmsg%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-134543%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20Vasil%2C%20I'll%20give%20it%20a%20go.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-134385%22%20slang%3D%22en-US%22%3ERe%3A%20message.rpmsg%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-134385%22%20slang%3D%22en-US%22%3E%3CP%3EBest%20thing%20you%20can%20do%20is%20to%20indeed%20configure%20what's%20shown%20in%20the%20video%2C%20the%20new%20V2%20Office%20Message%20Encryption%20service.%20It%20makes%20it%20much%20easier%20on%20the%20receiving%20party%20to%20work%20with%20protected%20documents.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EHere's%20the%20documentation%3A%20%3CA%20href%3D%22https%3A%2F%2Fsupport.office.com%2Fen-us%2Farticle%2FSet-up-new-Office-365-Message-Encryption-capabilities-built-on-top-of-Azure-Information-Protection-7ff0c040-b25c-4378-9904-b1b50210d00e%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsupport.office.com%2Fen-us%2Farticle%2FSet-up-new-Office-365-Message-Encryption-capabilities-built-on-top-of-Azure-Information-Protection-7ff0c040-b25c-4378-9904-b1b50210d00e%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-134251%22%20slang%3D%22en-US%22%3Emessage.rpmsg%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-134251%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%20I'm%20trying%20to%20find%20an%20answer%20to%20an%20issue%20that%20I%20am%20experiencing.%20If%20I%20send%20an%20Azure%20Information%20Protection%20email%20message%20to%20one%20of%20my%20clients%2C%20they%20receive%20an%20email%20with%20an%20attachment%20-%20'message.rpmsg'%20and%20the%20subject%20indicating%20that%20they%20are%20the%20recipient%20of%20a%20protected%20message.%20If%20the%20client%20attempts%20to%20opens%20the%20file%20using%20an%20iOS%20device%20using%20Microsoft%20Outlook%2C%20the%20file%20cannot%20be%20opened%20or%20shared.%20If%20they%20attempt%20to%20open%20the%20attachment%20with%20the%20native%20email%20client%2C%20they%20get%20the%20option%20to%20share%20the%20file%20with%20the%20AIP%20Viewer%20app%20they've%20downloaded%20and%20once%20authenticated%20they're%20good%20to%20go%20(albeit%20a%20clunky%20process).%20If%26nbsp%3Bthey%20client%20tries%20to%20open%20the%20attachment%20using%20their%20email%20app%20on%20their%20PC%2C%20say%20Outlook%202016%2C%20the%20file%20cannot%20be%20handled%20and%20the%20user%20is%20unable%20to%20open%2C%20even%20if%20they%20try%20and%20associate%20it%20with%20Outlook%20or%20the%20AIP%20viewer%20or%20the%20AIP%20client.%20I%20can't%20believe%20that%20such%20a%20great%20solution%20in%20principal%2C%20is%20so%20complex%20to%20use%20and%20I%20have%20therefore%20come%20to%20the%20conclusion%20that%20the%20solution%20has%20been%20implemented%20incorrectly.%20BTW%2C%20I%20am%20currently%20engaging%20with%20MS%20Support%20Services%20which%2C%20without%20sounding%20too%20disparaging%2C%20is%20tedious.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ECan%20anyone%20put%20me%20on%20the%20right%20path%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EBTW%2C%20I%20watched%20this%20%3CA%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DGWcnZFMPcnE%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Evideo%3C%2FA%3E%20and%20it%20suggested%20that%20new%20functionality%20is%20coming%20to%20make%20this%20easier%3F%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EMany%20thanks.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-134251%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EInformation%20Protection%20and%20Governance%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20Information%20Protection%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Occasional Contributor

Hi, I'm trying to find an answer to an issue that I am experiencing. If I send an Azure Information Protection email message to one of my clients, they receive an email with an attachment - 'message.rpmsg' and the subject indicating that they are the recipient of a protected message. If the client attempts to opens the file using an iOS device using Microsoft Outlook, the file cannot be opened or shared. If they attempt to open the attachment with the native email client, they get the option to share the file with the AIP Viewer app they've downloaded and once authenticated they're good to go (albeit a clunky process). If they client tries to open the attachment using their email app on their PC, say Outlook 2016, the file cannot be handled and the user is unable to open, even if they try and associate it with Outlook or the AIP viewer or the AIP client. I can't believe that such a great solution in principal, is so complex to use and I have therefore come to the conclusion that the solution has been implemented incorrectly. BTW, I am currently engaging with MS Support Services which, without sounding too disparaging, is tedious.

 

Can anyone put me on the right path?

 

BTW, I watched this video and it suggested that new functionality is coming to make this easier??

 

Many thanks.

3 Replies
best response confirmed by NEIL MARLOWE (Occasional Contributor)
Solution

Best thing you can do is to indeed configure what's shown in the video, the new V2 Office Message Encryption service. It makes it much easier on the receiving party to work with protected documents.

 

Here's the documentation: https://support.office.com/en-us/article/Set-up-new-Office-365-Message-Encryption-capabilities-built...

Thanks Vasil, I'll give it a go.

Hi Vasil, That worked a treat and is now so much easier - thank you. I have a few questions around using the solution with external recipients if you can help? 1) If I send an email to fred@mycompany.com (no attachments) with a protection policy applied that fred is not included in, I presume fred will not be able to open the email? 2) If I send an email to fred@mycompany.com (with unprotected attachment) and use the Do Not Forward, I presume fred can open the email and the attached but presume the attachment is not protected and could be extracted / screen grabbed? 3) If I send an email to fred@mycompany.com (with a mix of protected and unprotected attachments and use a separate protection policy for the email compared to the protected attachments, I guess the unprotected documents get the over-arching policy but do the originally protected attachments retain their previous policy, get a replacement policy or a composite policy? 4) If fred@mycompany.com is not listed in a particular policy but I want to add him, does fred have to be added by an admin in the policy settings (i.e. add to Azure directory as contact) then applied to the policy before I can email fred (I know that this can be done using the AIP client using the Classify and Protect feature to add other recipients but I can't see how this can be applied using an email client or using a Word document if stored in Sharepoint)? Sorry - a lot of questions but these are the main scenarios that present themselves when implementing the solution. Your thoughts are gratefully received :-).