Share via

Labeled and encrypted Mails in Shared Mailbox

Zollt, Philipp 0 Reputation points
2025-08-13T12:31:45.19+00:00

Depending on the encryption configuration, it is not possible to open a message encrypted via a Sensitivity Label from a shared mailbox using Outlook New or Outlook on the Web. This results in an endless loop prompting the end user to open the message in a different context. However, selecting "Read the message" leads to the same recurring message. We discussed this topic in different cases but were not able to resolve the issue.

Below is a more detailed description of the problematic scenario:

Affected Clients:

  • Outlook New (Windows & Mac), Outlook on the Web (presumably also Mobile)

Sensitivity Label Configuration:

  • Active encryption
  • Centrally predefined access permissions
  • Permission assignment (e.g., Co-Owner) to individual users and/or groups

Identities:

Shared Mailbox:

  • The user object is not included in the label’s permission assignment

Affected users (everyone):

  • Have full access to the shared mailbox
  • Are included as Co-Authors in the label’s permission assignment

Issue: The user sends a labeled email to the shared mailbox, to which they also have full access. For example, the same user then navigates to the shared mailbox to open the encrypted email. Instead of the message content, the typical notification indicating a protected/encrypted email is shown, offering a deep link to open the message in Outlook on the Web. However, selecting the "Read the message" link only opens the same notification again in the context of the shared mailbox, causing the end user to enter an endless loop of newly opened prompts/tabs.

Image of the Message: image.png

Known Workarounds:

  • The email is displayed correctly in Outlook Classic
  • The email can be moved or forwarded to the personal mailbox and opened there → However, this is not a sustainable process
  • If the user object of the shared mailbox is added to the label’s permission assignment, the message can be opened without issue → However, there are discrepancies between users who are authorized for the mailbox and those who have access to labeled content

The workarounds outlined in the following articles could not resolve the issue:

Many thanks and regards

Outlook | Web | Outlook on the web for business | Security
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Gary Thonert 5 Reputation points
    2026-03-06T13:04:04.89+00:00

    Hi jumping in on that topic

    I can confirm the mentioned behavior is still the case

    We just implemented Sensitivity labels for all personal mailboxes via Purviews Information Protection.

    When it comes to the case that an automapped shared mailbox receiving an mail labeled as confidential with (encrypt only) and the user is trying to read or answer to the message the user is receiving an "message couldnt be sended". If the user is approaching OWA using the full access right it is possible to answer that mail

    This can impact the whole organisation as we have a couple of process where users need to work with automapped shared mailboxes.

    Best

    Gry

    1 person found this answer helpful.
    0 comments
  2. Henry-N 10,540 Reputation points Microsoft External Staff Moderator
    2025-08-13T15:36:14.8033333+00:00

    Hi @Zollt, Philipp,  

    Thank you for posting your question in the Microsoft Q&A forum. 

    Regarding that it is not possible to open a message encrypted via a Sensitivity Label from a shared mailbox using Outlook New or Outlook on the Web . I’d like to ask a few quick questions to better understand your situation and assist you more effectively: 

    • Are you using Sensitivity Labels from Microsoft Purview Information Protection? 
    • Is the encryption applied via Do Not Forward, Encrypt-Only, or a custom label policy
    • How is the shared mailbox accessed?  (Full Access permissions, Send As, or via delegation?) 
    • Do users need to read, reply, or forward encrypted emails from the shared mailbox? 
    • Is the issue that encrypted emails cannot be opened in the shared mailbox? 
    • Or that labels are not applying correctly when sending from the shared mailbox? 
    • Why do you want to encrypted and labeled the mail at the same time ?

    Since this is a difficult issue so I need to take some information first so that I could give you suitable tips for your issue. 

    I'm sincerely sorry for the inconvenience that you've encountered. But I need to know more about your situation so I can help you better. I appreciate your patience and are here to help. Looking forward to your response 

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". 

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.  User's image

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.