Information
This policy setting allows you to specify whether replies will be automatically signed.
If you enable this policy setting, the option to respond automatically to a signed message with a signed response will be overridden, and an unsigned response will be the default reply to a signed message.
If you disable or do not configure this policy setting, a signed response will be the default reply to a signed message. The recommended state for this setting is: Enabled.
Rationale:
If digital signatures are automatically applied to all outbound messages its likely that some recipients will be unable to verify the signatures. This is due to the fact that most organizations will deploy digital certificates to users from their own internal Certification Authority (CA), which external users cannot access. Recipients of signed messages who are unable to confirm the validity of those signatures may feel unsafe viewing legitimate messages.
Solution
To implement the recommended configuration state, set the following Group Policy setting to Enabled.
User Configuration\Administrative Templates\Microsoft Outlook 2013\Security\Do not automatically sign replies
Impact:
This setting enforces the default configuration, and therefore is unlikely to cause significant usability issues for most users.