Internal users getting warning message when trying to view other internal users encrypted emails saved on a fileserver for audit purposes

George O 1 Reputation point
2020-12-08T10:53:43.277+00:00

Hello,

My organisation is setup with O365 E3 Licenses with Hybrid Exchange for our internal users.

Forgive me if this question exists but went through a search of O365 and email encryption gave a result of 1.3 million questions and was told to transfer this question to this forum now. I went through the first few pages and gave up trying to locate a possible answer.

Here are my issues:

We are now setup with Email Encryption through O365 and our users can send encrypted messages by 'Encrypt-Only' or 'Do not forward' for external use.

Both options work for external users when done correctly, however, if the any internal user saves the 'sent encrypted email' on a fileserver for audit purpose, nobody else can open the email besides the user who sent it.

When you click on the encrypted saved email and you are not the user who saved it, you get a dialogue box stating the following:

'You are not signed into Office with an account that has permission to open this message. You may request permissions from johndoe@Company portal .com.'

You are presented with two options that you can click on: 'Request Permissions' or 'Cancel'

If you click on 'Request permissions', it just opens a blank email with the email address listed in the message above to send them an email.

Not sure how this will work since the person is receiving a blank email which expects the user composing the email to let them know to also send them the encrypted email?

What I want if possible:

I want our internal users to be able to view all external sent encrypted messages without this step regardless of who saved it. This is only internal users, so no external user without an E3 license tied to our tenant.

I would appreciate if anyone with expertise can assist without telling me to purchase more licenses or add more bolt on options to E3 licensing, if possible.

Regards,
George

Outlook Management
Outlook Management
Outlook: A family of Microsoft email and calendar products.Management: The act or process of organizing, handling, directing or controlling something.
4,870 questions
Office Management
Office Management
Office: A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.Management: The act or process of organizing, handling, directing or controlling something.
1,996 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,332 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Joyce Shen - MSFT 16,641 Reputation points
    2020-12-09T05:36:01.277+00:00

    Hi @GeorgeO-2843

    How did you save the encrypted email to fileserver?

    The recipients of the encrypted message have permission to access the mail and attachment in it, other users will not be able to access them, this is the expected behavior. And I'm afraid there is also no other configuration can be set on server to let all internal users to access the mail.

    Or you may consider sending encrypted messages to a shared mailbox, and grant full access permission to your internal users so they will be able to access the encrypted message.

    Detailed information here: Can I open encrypted messages sent to a shared mailbox?

    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
     

    1 person found this answer helpful.