We have an situation. Our customer can get sMIME encrypted mails and reply to that email. But when he wants to send it with new email he is getting an error message as if the recipient email does not have an public key.
So we have checked the certificate and it is valid (timewise). Also we tried to import that certificate to microsoft certificate. Nothing helped us to solve the problem. Customer has both terminal server and seperate laptop result is the same...
So microsoft website says : (https://support.office.com/en-us/article/encrypt-messages-by-using-s-mime-in-outlook-web-app-2e57e4bd-4cc2-4531-9a39-426e7c873e26)
S/MIME message encryption is supported only on messages sent to and from recipients in your organization’s address list. If you send an encrypted message to someone outside your organization, they will not be able to decrypt and read the message.
I have seen in stackexchange this question (Outlook 2010 cannot reply to encrypted email) but customer uses outlook2016 and that question was also not answered?
so here are the questions : 1- Where does outlook keep the (public) certificates of the received emails. 2- What is said in microsoft link above can that be correct? (i feel it is not correct) 3- To send an encrypted email should outlook first get the certificate of the recipient? if so how does this process work? which ports, protocols and what if there are spamgateways in the address shown by mx record?
Thank you.
