1

Recently, I have noticed that when I send an email to a Gmail account from Outlook 2016, the recipient sees a question mark next to my email address as follows:

enter image description here

The question mark only appears when I send an email from Outlook 2016. When I send an email directly from the Webmail/Server, the question mark does not appear. Thus indicating, the issue likes within Outlook 2016.

Upon reading up on the matter, I have come across a few articles citing the issue lies with the Authentication issues. In other words, I need to assign a Digital ID to the outgoing email(s), so that the recipient is able to verify that the email came from myself and has not been tampered, after it has left my Outbox.

In order to obtain an email certificate, I headed over to Comodo. Here, I downloaded the Email Certificate and installed it on my Computer, by simply following the Import Wizard, as follows:

enter image description here enter image description here enter image description here enter image description here

I then headed over to Outlook > Options > Trust Center > Trust Center Settings > Email Security and saw that the Email Certificate had been auto populated as follows:

enter image description here

As far as I am aware, this is all I have to do in order to 'activate' the Digital ID and thus Authenticate the emails. Do I need to select the 'Import/Export' button, under 'Digital IDs (Certificates)', and modify additional Settings? If so, I am not sure on the relevant steps as I just seem to go around in circles with the Import/Export process.

I then head to create a new email, ensuring the following are selected in the Ribbon:

enter image description here

Despite following the above, I still get the question mark in Gmail, stating that I still need to authenticate the email.

Is anyone able to see where I may be going wrong here?

Improve this question
8
  • While I've answered your actual question (about using certs in Outlook), it would help if you provided more information about the problem. Phrases like "it appears that the email is not authenticated" suggest that you may have misunderstood the problem, and possibly not be trying to solve it the right way. I recommend attaching screenshots of the warning, or at the very least providing the entire text of the warnings and the reason you concluded that a digital signature was what you needed.
    – CBHacking
    Commented Jan 11, 2018 at 2:27
  • Thanks for your time with your answer and comment. I have extended my question, with added detail. I hope this helps clarify my question, furthermore.
    – Craig
    Commented Jan 11, 2018 at 3:44
  • If you're able to use Outlook's signed email feature, then that is working. I thought you meant you were seeing the ? in Outlook, rather than in the Gmail web interface. Given that it's in the Gmail interface, it's almost certainly a Gmail thing, not an Outlook thing. While there might be something Outlook can do that Gmail wants/expects it to do, S/MIME (certificate-based signed and/or encrypted mail) is not going to be the fix. While many email client apps (including, of course, Outlook) support S/MIME, Gmail doesn't support it at all.
    – CBHacking
    Commented Jan 11, 2018 at 4:11
  • Ahhhh right. Is there a way around this, since I do not have this issue when sending emails via Webmail?
    – Craig
    Commented Jan 11, 2018 at 4:15
  • You're going to need to investigate why Gmail shows those ?s more closely. Are you perhaps sending from an email address other than the primary one on your Gmail account (e.g. if your Gmail is [email protected] but you're sending from [email protected])? Gmail supports sending from multiple addresses but you need to verify for each address that you own it.
    – CBHacking
    Commented Jan 11, 2018 at 4:16

1 Answer 1

Reset to default
0

A personal certificate (such as you might get from Comodo, and which has an associated private key) lets you sign a message as Definitely From You, though the recipient will need to see and trust the certificate to verify the authenticity of the signature. Outlook (by default) automatically sends the certificate with any signed message, though it also probably is not signing the messages by default (you have to change a setting, or toggle signing on each message).

If you want to ensure that the email message isn't going to anybody other than the recipient, you need to have a certificate for the recipient, and you use that to encrypt the message to the recipient. You can only encrypt to people whose certificates you have. You can install people's certificates the same way you install any other certificate in Windows - double-click the file and select Import - or Outlook will do it automatically if they send you a signed message and you try to reply.

Together, signing and encrypting a message provides good security; you know where the message came from (and that it wasn't tampered with in transit), and you know where it went to (or at least, you know that nobody else was able to decrypt it).

In order to set up email encryption and signing (and change the default settings) in Outlook, you go to File -> Options -> Trust Center -> Trust Center Settings -> E-mail Security.

With that said, while I've attempted to answer the question you actually asked, you might be having a different problem. I'd guess that the problem is that you normally use Outlook with co-workers, and send them emails that your Exchange server can verify are correct and trusted. When you send email to any external address - such as a Gmail address, but I would expect it to happen with other external addresses too - Outlook can't verify who the recipient is, and is warning you that you might be sending to somebody you don't mean to (or just that you are sending to outside the company in general).

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .