Currently the company I work for uses opportunistic TLS and over 90% of our email goes out encrypted (TLS). We are considering changing it so that if the client server can't accept the encrypted email then the email goes out through the email gateway with a link to download the email from a secure site.
I would like to know what issues other companies experienced when they went to a 100% outbound encrypted email policy. Did you run into any issues such as working with the government or any customers that have a policy that they only except unenctyped email? Do you have any recommendations or got-cha's when you changed the policy?
I did read this EE response and found it very helpful. https://www.experts-exchange.com/questions/28993783/TLS-email-arrangement-office365.html
We use O365 for our email with a 3rd party email gateway for scanning and encryption.