[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 217
  • Last Modified:

Is mail in Outlook normally encrypted?

If I send mail internally from myself to a another member of my company is that mail encrypted end to end?

How about if either of us access that email by Outlook Web Access?

Can someone use packet captures to gain information in the email in transit through the corporate network or Internet?
0
Dragon0x40
Asked:
Dragon0x40
3 Solutions
 
Timothy McCartneySYS ADMINISTR I INFRASCommented:
By default, emails are not encrypted. Below is a link that should help you though.

http://office.microsoft.com/en-us/outlook-help/encrypt-e-mail-messages-HP001230536.aspx
0
 
khairilCommented:
Hi,

By default, email send using base64 encoding, which means someone can snoop the packet internally or externally. Your mail admin also have privillage to read it if they want to.

It is only encrypted end to end when you use Trust Center, which also means that you need to have key pair - using your private key to encrypt message and the reciver will use your public key to decrypt it back. You might need to have proper PKI infrastucture for this. So that all person have their own private key and establish their public key.

Here is the cheap way of doing this using free valid CA comodo cert, http://www.robkerr.com/2008/04/encrypted-e-mail-in-outlook-for-free.html

You also might want to have a look on this as another solution using your own PGP cert. (Basically for me, I prefer above because over here your cert is not sign by valid CA), http://www.emailprivacy.info/privacy_pgp

You might have some issue when opening encrypted email via web (OWA). I never experienced it, but one thing for sure, you'll need to have public key on that computer too to open your email.
0
 
RadweldCommented:
Also does depend on the version of outlook and the version of exchange. With exchange 07 or 10 and outlook o7 or 10 it's easy to encrypt the rpc connection thus end to end is protected.

However mailflow over the Internet is not encrypted. You can use transport layer security (TLS) but that's usually only beneficial when you and a partner wish to exchange mail securely.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now