This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 66%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKS%3C/text%3E%3C/svg%3E)
Since migrating to M365 emails from a particular company that uses digital signatures are being received with no body and the entire email as an attachment. The emails contain a digital signature, which Outlook says is invalid.
When I click on that it brings this up.
The certificate is not expired and the CA is GlobalSign. The same email sent to my Gmail account does not report the signature as invalid. So something specific to 365 is causing the body of these emails to get stripped.
I followed the steps in this article, https://techcommunity.microsoft.com/t5/exchange-team-blog/how-to-configure-s-mime-in-office-365/ba-p/584516, to export the Root and Intermediate certs to an SST and then importing the SST into M365. But it didn't help and email body is still being stripped and emails are still being received as attachments.
We have users who receive a lot of email from this company and having to open an attachment for every email is not efficient.
Is there something I can do to prevent this behavior?
Thanks,
Kenny
Do you have any transport rules that add disclaimers to the messages that come from external senders?
No. No transport rules for inbound at all.
More info on this. Even if Outlook says the digital signature is valid and trusted, the email is still converted to an attachment.
Same issue in OWA or if Outlook is in safe mode?
Yes. Also happens on mobile device using ActiveSync or Outlook mobile.
Ok, I would suggest opening a ticket with Microsoft 365 support. There may be a bigger issue going on.
Already did. So far they have not provided anything.
The article that your provide is detailed for deploy S/MIME. If it doesn't working, I think this issue may need to check from the server side, let's wait for the result from them.