Symantec Desktop Encryption always encrypts email

Created: 20 Mar 2013 | 7 comments

trogdor

I am using Symantec Desktop Encryption 10.3.0. Every time I send an email to someone whose key is in my keyring the email is automatically encrypted.

I am using Outlook 2013 with POP servers.

I have configured Symantec Desktop Encryption via Options->Messaging-> secure e-mail and have set " activate PGP-encryption Button ... in Outlook".
But it does not matter, if I set the "Encryption" button when creating a new email, or not, the emails are always encrypted. The only policies I have in place are Sign & Encrypt, Sign Button, and Encrypt Button.

How can I choose the emails I wish to encrypt and the rest which I do not want encrypted?

Thanks in advance.

Operating Systems:

Windows 7

Discussion Filed Under:

Security, Email Encryption, Configuring, Rules, Windows 7

Login or register to post comments
Comments RSS Feed

Comments 7 Comments • Jump to latest comment

Tom Mc Symantec Employee Technical Support

Symantec Desktop Encryption always encrypts email - Comment:20 Mar 2013 : Link

Are you maybe in a PGP/Symantec Universal managed setting that encrypts mail at the server level?

Do you have more than one PGP/Symantec messaging service?

If you leave everything else the same, but disable those three button policies, does it still encrypt to those keys?

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base

trogdor

Symantec Desktop Encryption always encrypts email - Comment:20 Mar 2013 : Link

I am not using a Universal server.

Just one Symantec messaging service.

Disabling buttons allowed the message to go through unencrypted.

Tom Mc Symantec Employee Technical Support

Symantec Desktop Encryption always encrypts email - Comment:20 Mar 2013 : Link

Please make sure your button policies are set correctly.

Encrypt Button Default Policy
Encrypt Button is one of the default security policies that PGP Desktop automatically creates for a service. The settings for this default policy are:
•
If: If all
•
Conditions: Message Header "X-PGP-Encrypt-Button" contains "selected"
•
Actions: Encrypt to recipient's verified key
•
Prefer encoding: automatic
•
If a recipient's key is not available: Search keys.domain and keyserver.pgp.com and temporarily cache found keys
•
If no result: Block message
This rule should appear fourth in the list of default policies.

------------------

Sign + Encrypt Buttons Default Policy
Encrypt and Sign Buttons is one of the default security policies that PGP Desktop automatically creates for a service. The settings for this default policy are:

•
If: If all
•
Conditions: Message Header "X-PGP-Sign-Button" contains "selected"; Message Header "X-PGP-Encrypt-Button" contains "selected"
•
Actions: Sign; Encrypt to recipient's verified key
•
Prefer encoding: automatic
•
If a recipient's key is not available: Search keys.domain and keyserver.pgp.com and temporarily cache found keys
•
If no result: Block message
This rule should appear second in the list of default policies.

--------------------

Sign Button Default Policy
Sign Button is one of the default security policies that PGP Desktop automatically creates for a service. The settings for this default policy are:
•
If: If all
•
Conditions: Message Header "X-PGP-Sign-Button" contains "selected"
•
Actions: Sign
•
Prefer encoding: automatic
This rule should appear third in the list of default policies.

-----------------

--------------

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base