Outlook – Unable to read an email protected by Rights Management Service

emailmicrosoft-outlookSecurityssltls

My colleague received an email from H company. This email is protected by Microsoft Rights Management Service.

His email client is Outlook Express, and he use POP3 to received it to local disk (the mail is deleted from the mail server). Outlook Express only show a short description about RMS and an attachment named message.rmmsg. So I Installed an Microsoft Outlook 2010 on another machine, and forward the whole original email (as an attachment – SUBJECT.eml) to his own mail address, and try to read the attachment in Outlook 2010.

At first, I encountered "This service is temporarily unavailable" when connecting RMS server of H company, and after some struggling I found a solution here: uncheck IE->Tools->Options->Advanced->Settings->Check for publisher's certificate revocation and Check for server certificate revocation.

Now, when I try to read this attachment email, Outlook 2010 keeps asking for a Username & Password even if I input the correct mail account of my colleague and password.

Outlook 2010 keeps asking for username & password

What's wrong? Did I inputed usernamd & password of a wrong realm? Do my colleague need to ask the sender for a username & password to read this email? Or, does the RMS protect email from reading from an .eml attachment (I mean, do my colleague need to ask the sender to send the email again?)?

How can my colleague read the email?

update 2014-11-05

I also use my colleague's email address applied an account on RMS for individuals according this article: View and use files that have been protected by Rights Management. But still I got same result (keeps asking for username & password) even if I entered password of either RMS accout or email account.

I use wireshark captured the data communicated between RMS server and my computer, the RMS server returns Encrypted Alert.

Screenshot of one packet captured by Wireshark: Encrypted Alert. Content Type: 21

Best Answer

Reference Introduction to IRM for email messages:

Download permissions

The first time that you try to open an email message that uses restricted permission, you are then connected to a licensing server. If the licensing server verifies your credentials, it issues a use license, which defines the level of access that you have to a file. This process is required for each file that uses restricted permission. In other words, content with restricted permission can’t be opened if the licensing server hasn’t issued you a use license for that content.

Downloading permissions requires that Microsoft Office send your credentials (which includes your email address) and information about your permission rights to the licensing server. Information that is contained in the message isn’t sent to the licensing server. For more information, read the Privacy Statement.

The message "This service is temporarily unavailable" when connecting RMS server of H company implies that you are unable to get a "use licence". From above:

Content with restricted permission can’t be opened if the licensing server hasn’t issued you a use license for that content

View messages when IRM isn’t available

If you must read or open content with restricted permission but Microsoft Office 2010 isn’t available on the computer that you are using, you can use a web browser. If you use Outlook Web Access (OWA), you can view restricted messages on any browser.

You can use Outlook Web Access (OWA) to view the restricted messages using any browser.

Or you can view the messages in Windows Internet Explorer if you download the Rights Management Add-on for Internet Explorer. However, this doesn’t enable you to reply to, forward, copy, or print the messages. When using the Rights Management Add-on to view messages, attachments that might were sent with the message can’t be viewed.

So, you be able to at least view the message using the Rights Management Add-on for Internet Explorer. However this doesn't work for attachments.

Related Question