3.2.5.1 Handling SmartForward and SmartReply Requests

When the client sends the server a SmartForward or SmartReply command request for a message with a rights policy template, the server MUST do the following to enforce the rights policy template:

  1. If no TemplateID element is included in the command request, the server proceeds as follows:

    • If the original message being forwarded or replied to has no rights management restrictions, the server proceeds to step 6.

    • If the original message had rights management restrictions, the server replaces the body of the message with boilerplate text. In a SmartForward command, the rights-managed e-mail message is added as an .rpmsg attachment as specified in [MS-OXORMMS].

  2. If any of the following are true, the server fails the request and returns composemail:Status value 168:

    • The connection to the server does not use SSL.

    • The server does not support IRM features. See section 1.5 for more details.

  3. If the TemplateID element is included in the command request, the server does the following:

    • If the original message is not protected, the server proceeds to step 5. If the template does not exist on the server, the server fails the request and returns a composemail:Status value of 171.

    • If the original message is protected and the specified TemplateID value is the same as the TemplateID value on the original message, the server proceeds to step 4.

    • If the original message is protected and the specified TemplateID value is different than the TemplateID value on the original message, the server verifies that the new TemplateID value exists on the server. If the TemplateID value does not correspond to a template on the server, the server fails the request and returns a composemail:Status value of 171; otherwise, the server proceeds to step 4.

  4. The server compares the recipients on the original message to the recipients sent by the client within the new message. The server verifies that the recipient list on the new message aligns with the granted permissions, as specified in the following table. If permissions allow it, the server creates the reply or forwarded message; otherwise, a composemail:Status value of 172 is returned by the server.

  5. If the message has a TemplateID element, the server protects the new outgoing message with the specified rights policy template.

  6. The server sends the new message.

The following table describes the reply, reply all, and forward enforcement that is performed by the server.

ReplyAllowed

ReplyAllAllowed

ForwardAllowed

Server-side enforcement

ModifyRecipientsAllowed = TRUE

TRUE*

There are no restrictions.

ModifyRecipientsAllowed = FALSE

TRUE*

For reply and reply all, refer to the last four rows in this table.

For forwarding, attach the original message and send it.*

TRUE

TRUE

FALSE

Reply to exactly one recipient or all original recipients. Whether the sender chooses to include themselves in the reply message is optional. All other SmartReply command requests are restricted and error out with a composemail:Status value of 172.

SmartForward requests are restricted and return a composemail:Status value of 172.

TRUE

FALSE

FALSE

Reply to exactly one recipient, the sender of the original message. All other SmartReply command requests are restricted and error out with a composemail:Status value of 172.

SmartForward command requests are restricted and return a composemail:Status value of 172.

FALSE

TRUE

FALSE

Reply to exactly all original recipients. Whether the sender chooses to include themselves in the reply message is optional All other SmartReply command requests are restricted and error out with a composemail:Status value of 172.

SmartForward command requests are restricted and return a composemail:Status value of 172.

FALSE

FALSE

FALSE

All SmartReply and SmartForward command requests error out with a composemail:Status value of 172.

*The server does not enforce the lack of reply and reply all rights.

The following table describes the edit and export enforcement that is performed by the server.

ExportAllowed value

EditAllowed value

composemail:ReplaceMime present?

New message uses the same TemplateID value

New message uses a different TemplateID value

TRUE

TRUE

yes

Send the message.

Send the message.

TRUE

FALSE

yes

Send the message.*

Send the message.*

FALSE

TRUE

yes

Send the message.

Send the message.*

FALSE

FALSE

yes

Send the message.*

Send the message.*

TRUE

TRUE

no

Send the message, including the original message as inline content.

Send the message, including the original message as inline content.

TRUE

FALSE

no

Send the message, including the original message as an attachment.*

Send the message, including the original message as an attachment.*

FALSE

TRUE

no

Send the message, including the original message as inline content.

Send the message, including the original message as an attachment.*

FALSE

FALSE

no

Send the message, including the original message as an attachment.*

Send the message, including the original message as an attachment.*

*In these cases, the client MUST NOT include the original message inline in the new message due to the possible breach of IRM protection.