What happens when sending encrypted email (S/MIME)

What is S/MIME? The following article describes this feature well. In this article, we would just like to share the details of what happens when the mail client sends or receives an S/MIME email, so that you have some idea of where to start troubleshooting.

https://technet.microsoft.com/en-us/library/dn626158(v=exchg.150).aspx

When sending a digitally signed e-mail message, the following sequence occurs.

 

1. Message is captured (performed by client system).

2. Hash value of the message is calculated using the algorithm specified by the defaultSigningAlgorithms key (performed by client system and user's Exchange server).

3. Sender's digital certificate private key is retrieved (performed by client system).

4. Sender's digital certificate is verified (performed by user's Exchange server).

5. Hash value is encrypted with the sender's private key (performed by client system and user's Exchange server).

6. Encrypted hash value is appended to the message as a digital signature (performed by client system).

7. Message is sent (performed by client system).

 


When viewing an encrypted e-mail message, the following sequence occurs.

 

1. Message is received (performed by user's Exchange server).

2. Encrypted message and encrypted session key are retrieved from the message (performed by client system).

3. Recipient's digital certificate private key is retrieved (performed by client system).

4. Session key is decrypted with the recipient's digital certificate private key (performed by client system).

5. Message is decrypted with the decrypted session key (performed by client system).

6. Unencrypted message is returned to the recipient (performed by client system).

July 29th, 2015 4:33am
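
The two sequences above can be reproduced outside Exchange with the OpenSSL command line, which gives a known-good baseline when troubleshooting. This is an added example, not part of the original post and not Exchange or Outlook code. The self-signed certificate, the address alice@example.test, the message text and the function names are constructed for the demonstration, and `-md sha256` stands in for the algorithm that defaultSigningAlgorithms would select.

```shell
#!/bin/sh
# Added example: S/MIME sign/verify and encrypt/decrypt round trip with OpenSSL.
# Certificate, address, message text and function names are constructed.

smime_setup() {   # $1 = work dir: throwaway self-signed cert, key and message
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=alice@example.test" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null &&
    printf 'Constructed test message\n' > "$1/msg.txt"
}

smime_sign() {    # hash the message (SHA-256), sign the hash, attach the signature
    openssl smime -sign -md sha256 -in "$1/msg.txt" \
        -signer "$1/cert.pem" -inkey "$1/key.pem" -out "$1/signed.eml"
}

smime_verify() {  # $2 = message file; succeeds only if hash and certificate check out
    openssl smime -verify -in "$2" -CAfile "$1/cert.pem" -out /dev/null 2>/dev/null
}

smime_tamper() {  # change one word of the clear-signed body after signing
    sed 's/Constructed/Tampered/' "$1/signed.eml" > "$1/tampered.eml"
}

smime_encrypt() { # random session key encrypts the body; recipient's public key wraps it
    openssl smime -encrypt -aes256 -in "$1/msg.txt" -out "$1/enc.eml" "$1/cert.pem"
}

smime_decrypt() { # private key unwraps the session key, session key decrypts the body
    openssl smime -decrypt -in "$1/enc.eml" -recip "$1/cert.pem" \
        -inkey "$1/key.pem" 2>/dev/null | tr -d '\r'
}

# Run the whole flow once and report each outcome.
d=$(mktemp -d) && smime_setup "$d" && smime_sign "$d" && smime_tamper "$d" && smime_encrypt "$d"
smime_verify "$d" "$d/signed.eml"   && echo "signed message: signature valid"
smime_verify "$d" "$d/tampered.eml" || echo "tampered message: signature rejected"
echo "decrypted: $(smime_decrypt "$d")"
rm -rf "$d"
```

If the same certificate and message pass here but fail in the mail client, the problem is more likely in certificate retrieval or validation (steps 3 and 4 of the signing sequence) than in the cryptographic operations themselves.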
