Service Desk

Information Technology Services

Email Encryption

Encryption is now available within Office 365.  The current rule will encrypt email from an address with the word [Encrypt] anywhere in the subject line.

The email recipient can be an internal Cal Poly address or an external address.

Sending an Encrypted Message

  1. A Cal Poly Office 365 user encrypts a message by adding [Encrypt] anywhere in the Subject line and sends the message.
  2. Microsoft detects the [Encrypt] trigger, encrypts the message and sends it to the recipient.
  3. The recipient receives a notification that they have been sent an encrypted message. The message contains an HTML attachment with some instructions and two options to access the message.
    Recipient Encrypted Message Instructions

Viewing the Encrypted Message

  1. The first option is for the user to view the message by logging in with their Office 365 account.
  2. If the recipient is not on Office 365, the recipient will need to request a one-time passcode. The code is emailed to the address to which the encrypted message was sent to. The recipient enters the code on the login page and has the option to have the code work for only 15 minutes (default) or extend this to 12 hours if they are on a private computer. The recipient can always request another code if the first code expires.
    Viewing Encrypted Message
  3. The message is then temporarily loaded into the Microsoft encrypted server to be displayed for the recipient. The recipient can reply or forward the message from this area if they wish. A reply or forward from this interface will be sent as an encrypted message, even from external users.

Additional Information on Encryption

  1. Inbound messages coming from addresses with [Encrypt] in the Subject will not be encrypted.
  2. Messages sent to a Sympa email list will have mixed results.  List members could possibly open the message using the one-time passcode method but only if the email list is configured to allow the Microsoft server to send the code to the list.  The Sympa list would need to be configured to have the Send option set to Public, or have the account listed as an owner/moderator.
  3. Messages sent from:
    • An IMAP client which is using the Cal Poly outgoing mail servers  ( or will not be encrypted to either internal or external users. These messages are routed by the Ironport servers, which do not contain the encryption processing.
    • An IMAP client that is using Microsoft's outgoing mail server ( will be encrypted to both internal and external recipients.
    • Any email client using an Exchange setup will be encrypted to both internal and external recipients. This is the recommended setup for campus desktop Outlook clients and most mobile email clients

Related Content

Service Catalog

Service Catalog


Find the technical services you need, get more information or find help in the Service Catalog. 

See our Service Catalog

Get Help


Get Help

Check Out

Equipment Checkout

Book a variety of equipment from the Media Resource Center online with Connect2.

Check Out Equipment

Office 365

Microsoft Office 365 Education provides improved mail, calendar, file storage & sharing.

Learn about Office 365


Secure Mustang Wireless gives you a secure Wi-Fi connection on campus.


Secure Mustang Wireless