How to disable the Encrypt-Only feature in Outlook


Office 365 ProPlus is being renamed to Microsoft 365 Apps for enterprise. For more information about this change, read this blog post.

Original KB number: 4493792


In Microsoft Outlook for Office 365, when the new Office 365 Message Encryption Capabilities feature is enabled, Encrypt-Only  is added as a new ad-hoc template. Encrypt-Only  enables message encryption without rights restrictions. This article describes how to disable the Encrypt-Only option in Outlook.

For more information about the feature, see Encrypt-Only option for emails.

More information

You can disable the Encrypt-Only option on the Encrypt  list without also disabling Message Classification. To do this, apply the following registry key.


This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

322756 How to back up and restore the registry in Windows

  1. In Registry Editor, locate and select the following registry subkey:


  2. On the Edit menu, point to New, and then select DWORD (32-bit) Value.

  3. Type DisableEO, and then press Enter.

  4. In the Detail pane, right-click DisableEO, and then select Modify.

  5. In the Value data box, type 1, and then select OK.

  6. On the Edit menu, point to New, and then select String Value.

  7. Type DefaultPermissionTemplateGuid, and then press Enter.

  8. In the Detail pane, right-click DefaultPermissionTemplateGuid, and then select Modify.

  9. In the Value data box, type irmdnf, and then select OK.

  10. Exit Registry Editor.