As you stated, the group policy objects for Outlook allows you to control the creation but not the viewing. If...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
you are intent on not allow any S/MIME certificates, which are used for encrypting and digitally signing e-mail, you can actually configure your information stores in Exchange so they will not be able store S/MIME; this will also prevent the delivery of signed and encrypted items.
- Using the Exchange System Manager, navigate to the mailbox store that has your user mail on it.
- Now go to the properties page for the mailbox store.
- On the General tab, de-select the checkbox "Clients support S/MIME signatures."
This option was designed to allow compatibility for legacy clients but will have the affect that you are after. On the downside a non-delivery report will be returned to the originator of the encrypted or digitally signed message.
In my humble opinion, though, this is not to be done for security reasons. If you are doing this because your antivirus software doesn't support scanning encrypted e-mail, you should look for one that does, or simply look for one that uses the latest VSAPI (2.5 with Exchange 2003) where S/MIME scanning is supported natively.
Do you have comments on this Ask the Expert Q&A? Let us know.
Dig Deeper on Microsoft Outlook
Related Q&A from Richard Luckett
I have limited drive space on my Exchange Server but need to restore large mailboxes. Can I prevent mailbox restores from a recovery database by ...continue reading
I want to move from a single Exchange 2013 server to multiple servers, including multiple database and client access servers, for HA. What's the best...continue reading
My mailbox migration from Exchange 2010 to Exchange 2013 is moving very slowly. What might be causing this and how can I speed up the process?continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.