Share via

Encrypted Emails

Robinson, Lawanda R 0 Reputation points
2026-02-06T15:15:45.6233333+00:00

Recipients are receiving this message "You don't have sufficient permissions to open the mail." when they try to open my encrypted emails.

Outlook | Windows | Classic Outlook for Windows | For business
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Austin-H 8,355 Reputation points Microsoft External Staff Moderator
    2026-02-06T23:43:44.78+00:00

    Hello Robinson, Lawanda R
    Thank you for contacting the Microsoft Q&A forum.  

    To better understand your situation, may I clarify the following? 

    1/ When you mention encrypted email, are you referring to the Encryption options available when composing an email in Classic Outlook? 

    If so, could you share which option you selected from the choices shown in the image? User's image

    2/ Is the recipient internal or external to your organization?  And does the issue affect only a specific recipient, or does it happen with multiple recipients? 

     

    3/ Does the issue also occur when using Outlook on the web?  Knowing this helps determine whether the issue is specific to Classic Outlook or related to an encryption policy. 

    Your additional insights will help me better understand your situation and provide more accurate guidance.  I look forward to hearing from you soon. 

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Was this answer helpful?

  2. AI answer

    2026-02-06T15:15:58.0233333+00:00

    The error message "You don't have sufficient permissions to open the mail" typically occurs when the recipient does not have the necessary permissions to access the encrypted email. This can happen for several reasons:

    1. Conditional Access Policies: If there are external-facing conditional access policies in place that block access to the Azure Information Protection (AIP) endpoint, the recipient may not be able to decrypt the email.
    2. Sensitivity Labels: If the sender applied a sensitivity label that restricts access to internal recipients only, external recipients will not be able to open the email.
    3. MFA Policies: Multifactor authentication (MFA) policies may also add an extra layer of security that blocks access to the AIP endpoint.

    To resolve this issue, you may need to check the following:

    • Ensure that the recipient's account is not blocked by any conditional access policies.
    • Verify that the sensitivity label applied to the email allows access to the intended recipients.
    • If MFA is in place, consider allowing the recipient to access the email through Outlook on the web or other supported applications that handle decryption differently.

    For more specific guidance, it may be beneficial to work with your organization's IT or security team to implement the appropriate resolutions based on your environment and security requirements.

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.