Skip to content

How RG Email Sidebar Works with Encrypted and Signed Emails

For users of the Email Sidebar on:

3 min read

What are encrypting and digital signature

Encrypting an e-mail message in Microsoft Office Outlook protects the privacy of a message by converting it from (readable) plain-text into (scrambled) cipher-text. Only the recipient who has the private key that matches the public key used to encrypt the message can decipher the message for reading. Any recipient without the corresponding private key would see only garbled text. More details about encrypted email can be found here.

A digital signature attached to an e-mail message offers another layer of security by assuring the recipient that you – not an imposter – signed the contents of the email message. Your digital signature, which includes your certificate and public key, originates from your digital ID. And that digital ID serves as your unique digital mark and signals the recipient that the content hasn’t been altered in transit. More details about the signed email can be found here.



How encrypting and digital signature works

The Add-In supports native MS Outlook encryption functionality with certificates issued by different vendors.

After MS Outlook is configured to encrypt emails, new buttons “Encrypt” and “Sign” are added to the ribbon of the e-mail.


If an email is encrypted or signed, you will see a corresponding icon on it.


In order to exchange with encrypted email, both users should obtain email certificates and exchange with certificate public keys.



Support of encrypted and signed emails

The complicated encryption and digital signing logic create many limitations which prevent RG Sync and Add-In from properly operating.

In case you select an encrypted and/or signed email message and try to open the Add-In, the following error message will occur:

You cannot perform this action. Permission to this message is restricted.”


This is a MS Outlook message, not an Add-In error. MS Outlook prevents add-in opening as it is not allowed to perform any operations with such email messages.

If the user adds a “Salesforce” category to save encrypted/signed email, the category will be added, but the email won’t be saved to Salesforce.

As a result, because of existing Microsoft limitations, there is no way to save encrypted or/and signed email messages to Salesforce using the Add-In.



Exclusions (Microsoft update)


You can find the reference article on Microsoft update here

The most important points regarding the update are:

  • Add-ins activate on digitally signed messages in MS Outlook associated with a Microsoft 365 subscription. On Windows, this support was introduced with build 8711.1000

  • Starting with MS Outlook build 13229.10000 on Windows, add-ins can now activate on items protected by Information Rights Management (IRM). For more information about this feature in preview, refer to Add-In activation on items protected by IRM



Back to top