I'm looking for a way to ensure that emails sent from a third-party vendor to one of our distribution groups are encrypted. However, I'm struggling to find a solution since Exchange Online doesn't allow adding distribution groups as a SentTo condition. Has anyone figured out a way to make this work?
5 Answers
If the vendor is sending emails unencrypted, then just relaying those emails unencrypted doesn't really make things any more secure. The key issue is on their end to ensure encryption, not yours.
The third-party vendor needs to handle the encryption themselves. You can’t enforce encryption on their end. If you’re expecting that everything received will be encrypted after it arrives, you won’t gain any real security benefits. Also, if you need full encryption for secure communication, consider whether email is the best method for you.
Are you trying to encrypt emails coming in from the vendor to your distribution group, or are you looking to encrypt emails sent out to them from your side? It's essential to clarify this.
Ultimately, the sender must encrypt the emails. Trying to enforce encryption on your end after receiving unencrypted emails doesn't provide the intended security, as the messages are already vulnerable during transit.
What does encryption mean to you in this context? While most emails are sent securely with opportunistic TLS, many vendors need both sides to be set up for forced TLS. This is especially common with banking or sensitive data.
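To make the opportunistic-versus-forced TLS distinction in the last answer checkable, here is an added example (not from any poster in this thread) that reads the `Received` headers of a delivered message and reports whether the hop into your own mail system used TLS. The hostnames, the sample message, and the function names `hop_report` and `boundary_hop` are constructed for illustration.

```python
import email
import re
from email import policy

# Constructed sample message; every host and address is a placeholder.
SAMPLE = """\
Received: from mail.vendor.example (203.0.113.10) by
 mx1.recipient.example (198.51.100.5) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1;
 Mon, 1 Jan 2024 10:00:02 +0000
Received: from app01.vendor.example (10.0.0.7) by mail.vendor.example
 with ESMTP id abc123; Mon, 1 Jan 2024 10:00:01 +0000
From: billing@vendor.example
To: dl-finance@recipient.example
Subject: constructed test

body
"""

# TLS markers: RFC 3848 "with" keywords (ESMTPS, ESMTPSA, ...), the
# Exchange-style "version=TLS1_2" and the Postfix-style "using TLSv1.3".
TLS_MARKER = re.compile(
    r"\bwith\s+(?:UTF8)?(?:ESMTP|SMTP|LMTP)SA?\b"
    r"|\bversion=TLS[\w.]*|\busing\s+TLSv[\d.]+", re.I)
FROM_BY = re.compile(r"^from\s+(\S+).*?\bby\s+(\S+)", re.I)


def hop_report(raw):
    """Return [(from_host, by_host, used_tls)] per hop, newest first."""
    msg = email.message_from_string(raw, policy=policy.default)
    hops = []
    for header in msg.get_all("Received", []):
        line = " ".join(str(header).split())  # unfold continuation lines
        m = FROM_BY.search(line)
        if m:
            hops.append((m.group(1).lower(), m.group(2).lower(),
                         bool(TLS_MARKER.search(line))))
    return hops


def boundary_hop(raw, our_suffix):
    """Newest hop where one of our servers accepted mail from outside.

    our_suffix is dot-prefixed, e.g. ".recipient.example". Older Received
    lines are written by the sender's side and are not trustworthy.
    """
    for frm, by, tls in hop_report(raw):
        if by.endswith(our_suffix) and not frm.endswith(our_suffix):
            return frm, by, tls
    return None
```

A `False` in the third field of `boundary_hop` means the vendor's server delivered in cleartext, which is the case a forced-TLS arrangement on both sides is meant to rule out.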
