Message Classifications allow users to assign a tag to a message, such as marking it confidential. These informations, in Exchange Server and Outlook, are treated in a special fashion. When a message is classified, the message contains specific metadata that describes the intended use or audience of the message.
Classifications can be created only through EMS:
[PS] C:\Windows\system32>New-MessageClassification -Name "my classification" -DisplayName "MC" -RecipientDescription "This message may containt confidental information" -SenderDescription "Handle with care"
- -RecipientDescription specifies text visible on recipient side.
- -SenderDescription text visible on sender side.
After creating, Classifications need to be exported to xml file. Scripts folder in Exchange install directory contains script Export-OutlookClassification.ps1 which exports classifications:
[PS] C:\>cd "C:\Program Files\Microsoft\Exchange Server\V15\Scripts" [PS] C:\>C:\Program Files\Microsoft\Exchange Server\V15\Scripts>.\Export-OutlookClassification.ps1 > C:\1.xml Classifications needs to be imported to outlook on every workstations through registry keys.
We are suprised that Microsoft didn’t find more elegant way for importing classifications.
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Policy] office 2007 "AdminClassificationPath"="C:\\Users\\Public\\MessageClassifications.xml" "EnableClassifications"=dword:00000001 "TrustClassifications"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Policy] office 2010 "AdminClassificationPath"="C:\\Users\\Public\\MessageClassifications.xml" "EnableClassifications"=dword:00000001 "TrustClassifications"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Policy] office 2013 "AdminClassificationPath"="C:\\Users\\Public\\MessageClassifications.xml" "EnableClassifications"=dword:00000001 "TrustClassifications"=dword:00000001
- AdminClassificationPath: Specifies the full path and filename of the exported XML.
- EnableClassifications: enables (1) or disables (0) classifications.
- TrustClassifications: Outlook trusts classifications on messages that are sent to users on legacy Exchange Server Mailbox servers (1) or not (0).
In case you must deploy classifications on many computers (Outlook 2013), we created a little batch script which can be deployed via GPO or PSExec tool:
REG ADD HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Common\Policy /f /v AdminClassificationPath /t REG_SZ /d c:\\1.xml REG ADD HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Common\Policy /f /v EnableClassifications /t REG_DWORD /d 00000001 REG ADD HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Common\Policy /f /v TrustClassifications /t REG_DWORD /d 00000001
Restart Outlook,compose New message > Options > Permission (click little “triangle” and choose the desidered classification).
Sender’s perspective:
Receiver’s side:
Using Message Classifications in Exchange Online
After connecting to Exchange Online PowerShell you can use the following command to list message classifications in place:
Get-MessageClassification
To add a new classification, use the following cmdlet, subsitution the Name (used in the EAC or PowerShell, but not seen by users), DisplayName (seen in the drop-down list) and SenderDescription (shown in Outlook or OWA after selecting the classication):
New-MessageClassification -Name-DisplayName "Display Name" -SenderDescription "Shown to users"
After creating the new Message Classification, end-users will see this within Outlook Web App.
To allow this to show in Outlook 2007, 2010 or 2013 export the Message Classifications as an XML file using the following script (from Exchange 2013):
$classifications = Get-MessageClassification $holder = "< ?xml version='"1.0'" ?>`n<Classifications>'n" if ($classifications) { foreach ($i in $classifications) { if ($i.RetainClassificationEnabled) { $retain = "'n't't<AutoClassifyReplies/>" } else { $retain = "" } $displayName = $i.DisplayName $description = $i.SenderDescription $id = $i.ClassificationID $holder += "'t<Classification>'n't't<Name>$displayName</Name>'n't't<Description>$description</Description> 'n't't<Guid>$id</Guid>$retain'n't</Classification>`n" } } $holder += "</Classifications>`n" $holder > MessageClassifications.xml
You then need to deploy the MessageClassifications.xml file to workstations. You can use Group Policy preferences to do this. A recommendation is to deploy the file using Computer Preferences to a location all users on each machine can access, for example:
C:\Users\Public\MessageClassifications.xml
Finally deploy registry settings to each user, again - easily accomplished in minutes using Group Policy Preferences. If you prefer to use a .REG file to test or deploy, use the following settings (which will apply to Outlook 2007, 2010 and 2013):
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Policy] "AdminClassificationPath"="C:\\Users\\Public\\MessageClassifications.xml" "EnableClassifications"=dword:00000001 "TrustClassifications"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Policy] "AdminClassificationPath"="C:\\Users\\Public\\MessageClassifications.xml" "EnableClassifications"=dword:00000001 "TrustClassifications"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Policy] "AdminClassificationPath"="C:\\Users\\Public\\MessageClassifications.xml" "EnableClassifications"=dword:00000001 "TrustClassifications"=dword:00000001
After deploying the registry settings, users will see the Message Classification drop-down list in Outlook clients, in addition to OWA.
You can then perform actions based on Message Classifications using Transport Rules.