Outlook sends 3DES when I've chosen AES 256

We see this as a common question in Microsoft Support, so I wanted to lay out the approach Outlook for Windows takes to determine which encryption algorithm is chosen when sending encrypted email to a recipient. First, know that when choosing an algorithm Outlook determines what both the sender and the recipient support. Although it will refer to the sender's preference, it will not always send using that preference. It does this to ensure that the recipient can actually read the encrypted message. Here is the process Outlook follows to choose an algorithm:

  1. It looks at the recipient's certificate and checks whether it comes from a particular provider. If it knows which provider generated the certificate, or can query the provider itself, it can determine which algorithms the provider supports.
  2. It looks at the recipient's certificate and checks for the presence of the SMIME Capabilities attribute. If present, it examines this attribute to find the algorithms the certificate supports.
  3. If neither of these options is viable, it falls back to a base default algorithm. This is 3DES if you're using Outlook 2007, 2010, 2013, 2016 MSI, or a version of Office 2016 Click-to-Run (C2R) lower than 16.8518.1000. It is AES 256 if you're using a C2R version higher than 16.8518.1000.

Once it determines which algorithms the recipient supports, it finds the intersection of the recipient's and the sender's algorithms and chooses the best algorithm from that set. This is where the sender's preference may be overridden.
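The selection logic in steps 2 and 3 above, as an added example that is not Microsoft's or Outlook's own code: it decodes a recipient certificate's SMIMECapabilities extension with a minimal DER reader, intersects the advertised algorithms with the sender's preference, and falls back to the build-dependent default when the attribute is absent. The sender preference order, the handling of an empty intersection, and the sample certificate bytes are assumptions constructed for the example; step 1 (provider lookup) is not modelled.

```python
# Added model of the selection steps above, not Microsoft's code: decode the
# recipient certificate's SMIMECapabilities extension (DER, RFC 8551 2.5.2),
# intersect it with the sender preference, else use the build default.
ALG_NAMES = {"2.16.840.1.101.3.4.1.42": "AES 256", "2.16.840.1.101.3.4.1.2": "AES 128",
             "1.2.840.113549.3.7": "3DES", "1.2.840.113549.3.2": "RC2"}
SENDER_PREFERENCE = ["AES 256", "AES 128", "3DES", "RC2"]   # assumed order, strongest first
C2R_THRESHOLD = (16, 8518, 1000)                            # C2R build named in the article
def _read_tlv(buf, pos):
    """Decode one DER TLV at pos -> (tag, value bytes, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                       # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length
def _decode_oid(raw):
    """OID content octets -> dotted string (first byte packs two arcs)."""
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))
def parse_smime_capabilities(der):
    """Return capability OIDs in the order the certificate advertises them."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("SMIMECapabilities must be a SEQUENCE")
    oids, pos = [], 0
    while pos < len(body):
        _, cap, pos = _read_tlv(body, pos)                  # one SMIMECapability
        oid_tag, oid_raw, _ = _read_tlv(cap, 0)             # capabilityID; parameters ignored
        if oid_tag == 0x06:
            oids.append(_decode_oid(oid_raw))
    return oids
def default_for_build(c2r_build=None):
    """Step 3: MSI/older (None) or C2R below 16.8518.1000 -> 3DES, else AES 256."""
    old = c2r_build is None or tuple(map(int, c2r_build.split("."))) < C2R_THRESHOLD
    return "3DES" if old else "AES 256"
def choose_algorithm(caps_der, c2r_build=None):
    """Steps 2-3: strongest algorithm both sides support, else the build default."""
    if caps_der is None:                                    # attribute absent
        return default_for_build(c2r_build)
    supported = {ALG_NAMES.get(o, o) for o in parse_smime_capabilities(caps_der)}
    common = [a for a in SENDER_PREFERENCE if a in supported]
    return common[0] if common else default_for_build(c2r_build)  # empty set: assumed
# Constructed sample: recipient advertises only des-ede3-cbc and rc2-cbc(128)
SAMPLE_3DES_ONLY = bytes.fromhex("301c300a06082a864886f70d0307300e06082a864886f70d030202020080")
```

With this sample the sender's AES 256 preference is overridden and 3DES is chosen, which is exactly the symptom in the title; a certificate advertising aes256-CBC in the attribute yields AES 256 instead.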

Therefore, if you see a chosen algorithm different from what you expect, you can use the steps above to determine how it was chosen.

The recommended fix is for the recipient to change the certificate to include the SMIME Capabilities attribute. This way the recipient advertises to Outlook which algorithms the sender should use to send encrypted messages to the recipient.

Note: Group Policy can also impact this decision, but that's not discussed in this article.