Endpoint Encryption

hi eveyone, our GM has PGP desktop 10.2 installed on win7 32bit machine with office 2010 32 bit as well.

when he send message to an authenticated friend, the message won't be encrypted, instead it will be sent as clear text.

but he is able to decrypt an encrypted incoming email.

1. i've checked the add-ins in outlook 2010 & the plugin is there.
2. the "enable PGP encrypt and sign buttons in outlook" from options is  checked marked.

what is weird is that wherever he send a message, GM won't get a notification that an outgoing email is under process:

1. for this i checked NOTIFIER under options & everything there was checked marked.

what can be the issue? is it plugin? is there any more setup that i need to do?

Please support

Thanx

Hi,

Do you have a Universal Server in this setup?  Or is it just stand-alone and the encrypting is happening at the clients end?  If you do have a UN in the setup, verify it isn't in Learn Mode.

hi weevil,

i checked the "server settings" in PGP desktop & the server type was on "internet Mail" ( i kept it this way)

under universal server, the checklist was on "<none>", if i ask to "create new", it will ask me to enter the name of a PGP Universal server which i don't know what it should be so i canceled it.

is that means that  it is  stand-alone?

what else i can do?

thanx

This Knowledge Base Article may be of help.

Does the PGP keyring contain the public key for the person your GM wants to encrypt to?  Does the User ID contain the email address the email is addressed to?  Is is signed by the GM's key?  Does it show as Verified in All Keys, in PGP Desktop?  Is the key showing as not being expired or revoked?  If you right click on the key and select Key Properties, and then check the Key Usage setting, does it have PGP Messaging enabled?

Are the settings for your servers in for your PGP messaging service set correctly?

Have you made any change of PGP Options from the default settings?

Have you made any changes in the PGP Messaging Service settings?

Probably a silly question, but is the GM actually using  the Outlook PGP buttons to set the email to be either Encrypted or Encrypted and Signed before sending the email?

That does mean you are in stand-alone mode.

Can you do ANY encrypting?  Have you created policies/settings whereby you type something in the subject i.e. [PGP] it will encrypt or bounce?

Hi Tom,

thanx for the steps but actually none solved my issue here.

GM is frustrated.in fact, he believe it's plugin issue since he is not getting any notification when he send a email. Instead, he get notified about received emails only.

once more, i want to confirm that all notifier options are checked-marked.

Have you tried reinstalling PGP Desktop (backing up the keys is always a good idea at this stage)

Please go to PGPtray - About PGP Desktop - Licensing and see if there is a check mark indicating that PGP Messaging is enabled.  Incoming email being decrypted while outgoing email not being processed is how PGP functions when it is not licensed (using it as Freeware).

 Incoming email being decrypted while outgoing email not being processed, PGP 10.2 is Licensed (Enterprice)

Using Outlook 2010 eng / Imap mail.

Noting happens then I have mark the sign and/or Encrypt button in Outlook, work fine other way decrypt direct...

Hi everyone,

i tried reinstalling but it didn't help.

as for the license, GM is using PGP 10.2 Licensed Enterprise edition (PGP Messaging is enabled).

ClaesG is right. we are also using IMAP protocol for outlook 2010. it's needed for us. please don't tell me to use POP3 instead. if it's a bug for PGP10.2, i'm counting on PGP team to solve it a.s.a.p

Thanx

If you are using Exchange 2010, please see this Knowledge Base Article. 

Hi Tom, we are not using MS Exchange.

it's a simple setting. a pc with outlook 2010 IMAP in use as protocol & PGP 10.2 not working

17:03:33 Email  Verbose Connected to server at x.x.x.x
17:03:33 Email  Verbose Looking for account data for user * @ *.com
17:03:33 Email  Verbose Found existing account list entry for x.x.x.x
17:03:33 Email  Verbose Existing entry is * @ *.com
17:03:47 Email  Verbose Outlook Plugin: User signed and encrypted a message with subject ggggrtrtrtrtrtrtrt
17:03:47 Email  Verbose Connection accepted
17:03:47 Email  Verbose Processing plugin requests

No sign or encrypt even if I  the logfile says "User signed and encrypted a message with subject"

I have the same settings as Rachad, but I even have tried POP settings and it dont work too..

But my config is IMAP

RG

ClaesG

PGP Desktop definitely supports IMAP, can we get some more logs from either scenario

I can send logs but I need take away all company information as server IP adress, accounts etc OK?

I have tryied from 2 different Imap serversand no works it works with our Exchange server but in this case I need to use a Imap server..

RG

ClaesG

Yes of course that's fine, dont need those anyway :)

Hi again

if you look at my log above (PGP log) so PGP will stop doing something after "Processing plugin requests", and it will not show any window that tells you it encrypts the email and sends it unencrypted .. I have also tested with Outlook 2007 the same problem and the log looks exactly the same.

My config is. Imap server outgoing mail goes with smtp port 2525
Windows X Eng, Office 2010, eng, lates PGP, all up to date ..

In my eyes it looks like plug-ins in outlook to rise at the end work or have one bug,,
Best regards
Claes

Can you enable debug logging and do the same thing, I think more information is required to narrow down the issue further:

http://www.symantec.com/docs/TECH149847

HI not my day today...

I have enable debug and her you have a plain txt file..

Grateful for any help to solve this

Claes

Attachment(s)

debug_clean_0.txt   232 KB 1 version

Hi Guys,

Any good news regarding our issue?

thanx

Guys, any updates?!!!

Only thing I can see is:

16:36:20 Email	 Proxy	(01): send data: qiti NO Client tried to access nonexistent namespace. (Mailbox name should probably be prefixed with: INBOX.)

Might not be anything, quite a few people who get that error not relating to PGP however, but relating to Outlook 2010

Can you see if you can get encrypting working on a POP3 account to eliminate the IMAP protocol?

Hi

No I have the same problem if I run in POP3

and the name of Inbox is INBOX

It seems that some debug logs are missing. I would check the for the LSP provider plugin to be working. The easiest way that I can think of to do this is to run process explorer and find the outlook.exe process. Then look in the lower pan an sort by name and you see pgplsp.dll runing. it should be there all the time.

Your debug log looks like it's missing some information too, it's certainly not a full debug log. I noticed the IP address' were X'd out and such (which is fine) but there are complete log entries that appear to be missing and it doesn't seem as verbose as it could be. what do you have your logging level set to?

see the attached screenshot for an example of checking for pgplsp.dll.

One other issue I just discovered. Are you using Arcot software? I found a recent bug that is being fixed in an upcoming maintenance pack related to having that Arcot software used for token authentication installed and conflicting with OUtlook 2010 and email processing.

Hi

Have only Acrobat Reader latest version Installed, all up to date.

This is a Clean PC with Windows Xp, all up to date.

Microsoft Office 2010 MUI, all up to date.

F-secure Anti-virus.

Hi

I have Checking it is running even after I have send a email..

Hi!

I use this Verbose debug and following this

http://www.symantec.com/docs/TECH149847

Scaring to have the password in clear text... ;)

RG

Claes

guys, my issue is solved.

the genious techguy in symantec Mr. Markus, helped us sorting our software one by one til he discovered that our PANDA ANTIVIRUS is preventing PGP dekstop mail from showing the encryption process.

so, the cause of the problem is panda antivirus.

now, we are contacting panda antivirus techteam to ask them what they can do to exclude PGP mail-scanning .

thanx everyone :)