SMTP through Exchange Online with Azure Info Protect
It would be great if mail messages generated and sent via a PowerShell or Telnet SMTP sessioin could make use of Azure Info Protect instead of RMS.
For example, if I enter the command:
PS C:\Users\fakeuser> Send-MailMessage -From noreply@blah.com -To fakedude@gmail.com -Subject "Testing Encryption Again2" -Bo
dy "Test PowerShell message send which should be encrypted" -SmtpServer smtp.office365.com -Credential $msolcred -UseSs
l -Port 587
Currently, I can only get either of 2 outcomes by doing this:
1.) If I change a label to detect the use of a keyword (i.e. the word "credentials") and then apply 'Highly Confidential', AIP does not get enforced by using this SMTP command. The message completely bypasses protection and the message is not encrypted. Users do not get the 'wrapper' e-mail which requires them to go through the Protected Message Portal.
2.) I can create a rule in Exchange Online Admin to force anything from 'noreply@blah.com' to apply a protection 'template' (but not a label) which makes use of the old RMS. Once the e-mail reaches fakedude@gmail.com, they get the wrapper e-mail message, go to the Protected Message Portal, finally landing on a link that says they don't have permission to view the message. This is the way the older RMS worked, in that anyone outside of the domain could not view an RMS protected e-mail.
I raised a trouble ticket with Microsoft on this, (30126-6822280) however they have told me Exchange Online is not currently set-up to work this way.
Vince A
shared this idea
1 comment
-
Anonymous
commented
I tried to apply AIP labels on Emails generated via SMTP Server and its not working, The rule applies on the email and prepends my TEST text on subject but doesn't apply AIP Label.