S/MIME interoperability with external clients:

This policy setting controls whether Outlook decodes encrypted messages itself or passes them to an external program for processing.

If you enable this policy setting, you can choose from three options for configuring external S/MIME clients:

- Handle internally. Outlook decrypts all S/MIME messages itself.
- Handle externally. Outlook hands all S/MIME messages off to the configured external program.
- Handle if possible. Outlook attempts to decrypt all S/MIME messages itself. If it cannot decrypt a message, Outlook hands the message off to the configured external program. This option is the default configuration.

If you disable or do not configure this policy setting, the behavior is the equivalent of selecting Enabled – Handle if possible.

Supported on: At least Windows 7

Behavior for handling S/MIME messages:


  1. Handle internally
    Registry HiveHKEY_CURRENT_USER
    Registry Pathsoftware\policies\microsoft\office\16.0\outlook\security
    Value Nameexternalsmime
    Value TypeREG_DWORD
    Value0
  2. Handle externally
    Registry HiveHKEY_CURRENT_USER
    Registry Pathsoftware\policies\microsoft\office\16.0\outlook\security
    Value Nameexternalsmime
    Value TypeREG_DWORD
    Value1
  3. Handle if possible
    Registry HiveHKEY_CURRENT_USER
    Registry Pathsoftware\policies\microsoft\office\16.0\outlook\security
    Value Nameexternalsmime
    Value TypeREG_DWORD
    Value2


outlk16.admx

Administrative Templates (Computers)

Administrative Templates (Users)