FEATURE REQUEST: Encryption is not maintained when sending a Symantec File Share Encryption (previously PGP NetShare) protected file as an email attachment
|Article:TECH181705|||||Created: 2012-02-17|||||Updated: 2015-03-18|||||Article URL http://www.symantec.com/docs/TECH181705|
|NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made.|
When attempting to send a file from a Symantec File Share Encryption (previously PGP NetShare) protected directory by right clicking the file and selecting Send To > Mail Recipient, the files are not retaining the File Share Encryption wrapper, or simply attaching the Symantec File Share Encrypted file to an email, such as Microsoft Outlook.
Normally adding both the executable for the mail client and Explorer.exe to the application black list would prevent the file from being decrypted.
The observed behavior if Explorer.exe is added to the black list that files will not inherit the encryption wrapper from any File Share Encryption folder they are copied or moved into.
This behavior is working as designed. Symantec Corporation is committed to product quality and satisfied customers. This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product. Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here.
The following are known workarounds for this scenario:
This issue can be temporarily resolved by encrypting files, saving a copy outside of File Share Encryption, and then using PGP Zip to encrypt the file before emailing it as an attachment.
Another workaround is to add the mail application to the blacklist on Symantec Encryption Management Server under the Consumer Policy the users are applied to. For example, if the mail client was Microsoft Outlook, then in the policy, "Prevent the automatic decryption of files by the following applications", add "outlook.exe", as well as "fixmapi.exe". This will then keep the files encrypted when attaching to an email.
For more information on Blacklisting, please see the Symantec Encryption Management Server Administrator's Guide.
For information on Symantec File Share Encryption automatic file and folder decryption behavior, see article TECH149867.
Article URL http://www.symantec.com/docs/TECH181705