Error message: “This mail cannot be sent encrypted. It is possible that the mail was generated outside Outlook, e.g. by an external application.”

It may happen that you want to encrypt an email but you get the following error message in Outlook:

When does the error occur?

This error always occurs when the email to be encrypted was not created directly in Outlook.

One example can be that the email is created by an external application (e.g. DATEV but can be any other). Another example can be the context menu of Microsoft when you click with the right mouse button on a file and want to send it by email.

Why does the error occur?

When an external application generates an email the MAPI interface is served by Outlook. Outlook processes the MAPI call but handles the email differently than if it had been created directly in Outlook. Specifically the issue is that Outlook does not store the sender of the email (even if it is visually displayed) when this email is created.

With REDDCRYPT the sender is required to digitally sign the email before it is sent.

This problem does not only affect REDDCRYPT but all third-party providers that rely on the sender of the email for their integration. Even Microsoft itself has this problem and cannot (or does not want to) solve it (see e.g. https://docs.microsoft.com/en-US/outlook/troubleshoot/message-body/outside-messages-not-include-email-signature).

Workaround

Since Microsoft explains in the linked above that it does not want to fix this bug the only way to encrypt the email with REDDCRYPT is as follows:

• Save the email as a draft
• Close the email
• Go to the folder with the drafts and open the email again

Now Outlook handles the email as if it had been created directly in Outlook, enters the sender correctly and you can encrypt and send the email regularly.