In our project a x% of emails are sent encrypted by public authorities.
We do not use Outlook client and the emails are routed directly to CRM as email activities. We then figured out that any encrypted email lands as an email activity with an attachment (.p7m). It is not possible to open/read this attachment, even by a user who has the PKI certificate installed on their local machine. Earlier when the emails were received in Outlook directly, they could open the encrypted emails.
We raised a support ticket with Microsoft and the official reply was that
"Using CRM email router or Server side sync it’s not possible to handle encrypted emails.
We don’t have a way to load the public key from the certificate used for the encryption and for that reason CRM will not be able to do more than extract the smime.p7m attachment
I think that handling PKI encrypted email should be considered as a thought in future releases since encryption and privacy issues are only going to increase in fast moving digital times.