Q. What are some of the main differences between MailGate and O365.
- Users are no longer required to register. A passcode is sent to the user in a separate email or the user signs into the their Microsoft account.
- Encrypted Messages are no longer stored in a mailbox online. The message is stored as an email attachment sent to the recipient.
- Since the encrypted message is an attachment. To open the message, the user opens the attachment instead of clicking on a link to login to their online mailbox.
- Retention is no longer required.
Q. My users send encrypted email messages to recipients outside our organization. Is there anything that external recipients have to do in order to read and reply to email messages that are encrypted with Office 365 Message Encryption?
Recipients outside your organization who receive Office 365 encrypted messages can view them in one of two ways:
By signing in with a Microsoft account or a work or school account associated with Office 365. For details, see Send, view, and reply to encrypted messages.
By using a one-time passcode. To learn more, see Use a one-time passcode to view an encrypted message.
Q. Are Office 365 encrypted messages stored in the cloud or on Microsoft servers?
No, the encrypted messages are kept on the recipient’s email system, and when the recipient opens the message, it is temporarily posted for viewing on Office 365 servers. The messages are not stored there.
Q. Can I customize encrypted email messages with my brand?
Q. Does the service require a license for every user in my organization?
A license is required for every user in the organization who sends encrypted email.
Q. Do external recipients require subscriptions?
No, external recipients do not require a subscription to read or reply to encrypted messages.
Q. How is Office 365 Message Encryption different from S/MIME?
S/MIME is essentially a client-side encryption technology, and requires complicated certificate management and publishing infrastructure. Office 365 Message Encryption uses transport rules and does not depend on certificate publishing.
Q. How does Office 365 Message Encryption work?
Visit Encryption in Office 365.
Q. Can I read the encrypted messages over mobile devices?
Yes, you can view messages on Android and iOS by downloading the OME Viewer apps from the Google Play store and the Apple App store. Open the HTML attachment in the OME Viewer app and then follow the instructions to open your encrypted message. For other mobile devices, you can open the HTML attachment as long as your mail client supports Form Post.
Q. Are replies and forwarded messages encrypted?
Yes. Responses continue to be encrypted throughout the duration of the thread.
Q. Does Office 365 Message Encryption provide localization?
Incoming email and HTML content is localized based on sender email settings. The viewing portal is localized based on recipient's browser settings. However, the actual body (content) of encrypted message isn't localized.
Q. What encryption method is used for Office 365 Message Encryption?
Office 365 Message Encryption uses Rights Management Services (RMS) as its encryption infrastructure. The encryption method used depends on where you obtain the RMS keys used to encrypt and decrypt messages.
Cryptographic Mode 2 is used. Cryptographic Mode 2 is an updated and enhanced AD RMS cryptographic implementation. It supports RSA 2048 for signature and encryption, and supports SHA-256 for signature.
Q. Why do some encrypted messages say they come from Office365@messaging.microsoft.com?
When an encrypted reply is sent from the encryption portal or through the OME Viewer app, the sending email address is set to Office365@messaging.microsoft.com because the encrypted message is sent through a Microsoft endpoint. This helps to prevent encrypted messages from being marked as spam. The displayed name on the email and the address within the encryption portal aren't changed because of this labeling. Also, this labeling only applies to messages sent through the portal, not through any other email client.
Q. How many recipients can I send an Office 365 encrypted message to?
The recipient limit for an encrypted message is based on the number of characters in the message’s To field. When combined (after distribution list expansion), recipient addresses in the To field should not exceed 11,980 characters. Because email addresses can vary in character length, there isn’t a standard recipient limit for a single encrypted message.
Q. Is it possible to revoke a message sent to a particular recipient?
No. You can’t revoke a message to a particular person after it’s sent.