Microsoft 365 Message Center Archive

MC1072404 - New Microsoft Outlook and Outlook for the web: Admin setting for inheriting a S/MIME signature on reply

Message ID

MC1072404

View in Message Center

Service

Exchange Online
Microsoft 365 for the web
Microsoft 365 apps

Published

May 12, 2025

Tag

Feature update
User impact
Admin impact

Summary

New Microsoft Outlook for Windows desktop and Outlook for the web will support an admin setting to define S/MIME signature inheritance in replies. Rollout begins in May 2025. Admins can use the `NoSignOnReply` setting to manage this feature via Microsoft Entra ID or Exchange Management Shell. No immediate action required.

More information

New Microsoft Outlook for Windows desktop and Microsoft Outlook for the web will soon support an admin setting to define the application of S/MIME signatures in "reply to" scenarios. This setting enables admins to define if an S/MIME signature will be inherited by default in Reply and Reply all scenarios.

When this will happen:

For new Outlook for Windows desktop:

  • General Availability (Worldwide): we will begin rolling out mid-May 2025 and expect to complete by late May 2025.
  • General Availability (GCC): We will begin rolling out late May 2025 and expect to complete by early June 2025.

For Outlook for the web:

  • General Availability (Worldwide): We will begin rolling out early June 2025 and expect to complete by mid-June 2025.
  • General Availability (GCC): We will begin rolling out mid-June 2025 and expect to complete by late June 2025.

How this will affect your organization:

After this rollout, you can use the new setting called NoSignOnReply to define Signing on Reply and Reply all. Using this setting, admins can define inheritance of S/MIME signature for its users. The NoSignOnReply setting is available in Microsoft Entra ID (formerly Active Directory).

NoSignOnReply = $False. This is the default state. When value = False, Reply and Reply all will inherit the S/MIME signature. Users will need to go to S/MIME settings and remove S/MIME signature.

NoSignOnReply = $True. Reply and Reply all will not inherit S/MIME signature. In cases where incoming email has S/MIME encryption and a signature attached, this setting will only inherit encryption and not the signature. This setting can be useful in scenarios where your organization has not configured S/MIME signatures for its users.

The default behavior is consistent with classic Outlook.

As an alternative, admins can configure this setting with the cmdlet Set-SmimeConfig (Set-SmimeConfig (ExchangePowerShell) | Microsoft Learn. Admins can configure this setting in the Microsoft Exchange Management Shell or the Microsoft Exchange Online Shell.

What you need to do to prepare:

This rollout will happen automatically by the specified dates with no admin action required before the rollout. Review your current configuration to assess the impact on your organization. You may want to notify your users or admins about this change and update any relevant documentation.

If your organization does not use S/MIME emails, you do not need to take any action.

If your organization has enabled communications with S/MIME, you may need to review this setting based on your preferences for the behavior.

Learn more about this new setting and other S/MIME settings available for admins to define: Set-SmimeConfig (ExchangePowerShell) | Microsoft Learn

#newoutlookforwindows