Enable-GphAGPMEncryptedMail.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#Requires -RunAsAdministrator
function Enable-GphAGPMEncryptedMail
{
  <#
      .SYNOPSIS
      Sets AGPM (Advanced Group Policy Management) to send mails only encrypted over https.
 
      .DESCRIPTION
      By Default, AGPM sends mail unencrypted via Port 25. To switch to https secured mail transfer, simply call this
      cmdlet without parameters. If you want to disable encryted mail transfer, use the switch-parameter -disable. With
      the Parameter -port you can set the smtp-Port.
       
      .EXAMPLE
      Enable-GphAGPMEncrytpedMail
 
      Enables AGPM Mail encryption on default https-Port 587
 
      .EXAMPLE
      Enable-GphAGPMEncrytpedMail -disable
 
      Disable encrypted mail Transport.
 
 
      .NOTES
      Author: Holger Voges
      Date: 2018-11-16
      Version: 1.0
  #>

  [CmdletBinding()]
  param(
    # Set this Parameter to Disable Mail Encryption
    [switch]
    $disable,
    
    [ValidateRange(0,65535)]
    [int]
    $port = 587 
  )

  $AGPMKey = 'HKLM:\Software\Microsoft\AGPM'
  If ( $disable ) 
  {
    $Encrypted = 0 
  }
  Else 
  {
    $Encrypted = 1 
  }
  Set-ItemProperty -Path $AGPMKey -Name EncryptSMTP -Value $Encrypted
  Set-Item -Path $AGPMKey -Path -Name -Path SmtpPort -Value $port
}