Systems and methods are disclosed that facilitate identifying messages generated on a mobile device while the device is offline as requiring encryption, storing the messages in a message outbox with a flag indicating that encryption is required, and identifying recipients of the flagged messages to generate a recipient list. The recipient list can be piggybacked on a server synchronization request when the mobile device enters a period of online activity, and a server can return public keys associated with identified recipients to permit an encryption component, such as a secure/multipurpose Internet mail extension protocol (S/MIME) encryption component, in the mobile device to encrypt the messages.