Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

problem with keyserver: ldap://keyserver.pgp.com:389

Created: 06 Feb 2013 • Updated: 07 Feb 2013 | 1 comment
tito's picture

Hello,

I have PGP Universal server    3.3.0 (Build 8741) in the VMWARE ESXi environment: Symantec Encryption Server release 3.3.0.8741 (Ovid).

My question is following:

In the MAIL: "Policy Chain: Outbound" I have following custom rule:

--------------------------------

    This rule is always executed

     Edit Conditions

Actions

Send (encrypted/signed)

   Encrypt to recipient's key

    When suitable key not found send clear, signed

    Sign

    Preferred encoding format: Automatic

     Edit Actions   

Key Search

The following locations will be searched for keys by default:

   Internal users

    External users

These additional locations will also be searched:

    Keyserver of sender or recipient address (ldap://keys.$ADDRESS_DOMAIN:389)

    PGP Global Directory (ldap://keyserver.pgp.com:389)

--------------------------------

In the section "These additional locations will also be searched" there has been used only "ldap://keys.$ADDRESS_DOMAIN:389" value. Why?

I need to find keys by "PGP Global Directory (ldap://keyserver.pgp.com:389)" too.

 

See debug log below:

---

Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: recipient cybermedi@yahoo.com: policy rule match: chain: "Default", rule: "Outbound Server Mail"

Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: recipient cybermedi@yahoo.com: policy rule match: chain: "Outbound", rule: "kryptuj_muzesli"

Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: key search <cybermedi@yahoo.com> [keys.yahoo.com]: Could not get recipient encryption key: Skipping keyserver keys.yahoo.com because it was down the last time it was checked

Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: message accepted [250 2.0.0 Ok: queued as 602AE3DF3B3]

Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: recipient 1/1 (cybermedi@yahoo.com): passing through unmodified

Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117:   [250 2.0.0 Ok: queued as 602AE3DF3B3]

Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: connection from 192.168.200.10:10859 closed

Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00116: message accepted [250 2.6.0 <2de4955a-dd7c-419c-bee2-1b3ef62c98e5@CAS1.eru.cz> [InternalId=9867] Queued mail for delivery]

Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00116: recipient 1/1 (tikal@3t.cz): [Bcc] passing through unmodified

Feb  6 17:21:33 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00116: connection from 192.168.200.4:45978 closed

-------------------------------

Regards Tomas

Comments 1 CommentJump to latest comment

Alex_CST's picture

There is an option inside the universal server to use keyserver.pgp.com as a lookup source, but you can manually add it in keys > keyservers

Please mark posts as solutions if they solve your problem!

http://www.cstl.com