Office 365 transportrule that reject mails without encryption.

macxpres
macxpres used Ask the Experts™
on
Office 365 transportrule that reject mails without encryption.
We have a domain secure.xx that only needs to send encrypted mails using a 3rd part supplier using one specific email address.
I would like to create a transportrule that rejects other users from sending mails without encryption.
I know the -ExceptIfMessageTypeMatches "Encrypted" but I can't find a solution to add an "unencrypted" switch.
Any ideas?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Shreedhar EtteTechnical Manager
Top Expert 2010

Commented:
I could not understand you request. Please try to re-articulate the question.
Most Valuable Expert 2015
Distinguished Expert 2018

Commented:
What kind of encryption are we talking about here? If you need to ensure (mutual) TLS, best use connectors: https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-for-secure-mail-flow-with-a-partner

If you want to encrypt the message with RMS/AIP, you can do so with transport rules, and instead of rejecting the message put a "mandatory" encrypt action on it: https://docs.microsoft.com/en-us/office365/securitycompliance/define-mail-flow-rules-to-encrypt-email

For S/MIME or PGP are client-side, you cannot enforce much control there.

Author

Commented:
I'll talk to our supplier of the secure mail system and find a solution. Thanks for replying to my question.
Commented:
...

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial