Desktop Email Encryption

 View Only

  • 1.  Symantec PGP Encryption Port 25 Proxy issue

    Posted Aug 27, 2015 12:54 PM
      |   view attached

    We've recently installed Symantec PGP encryption into a Citrix environment and it's locked down via applocker for a small group of users.

    Everything has been going fine until we had a case from a user that was unable to send emails via another 3rd party app. The app sends email via smtp port 25 and as she doesn't have access to the PGP software via Applocker she is unable to send anything. (they use Google Apps so sending normal emails is fine).

    When i do a telnet to the SMTP server via port 25 it fails. If I run the same test with the applocker policy unlocked then it works fine.

    How does Symantec PGP encryption control port 25 and is there a way to disable it? Any help would be much appreciated.

    Please see a screenshot of the telnet to the server which is being proxied by the PGP software:

    PGP_Proxy.JPG

     

     



  • 2.  RE: Symantec PGP Encryption Port 25 Proxy issue

    Posted Aug 28, 2015 02:02 PM

    Dear Mr./Ms Symantoc,

    Symantec Encryption Desktop typically runs a proxy service for SMTP to enable E-Mail encryption. This can be disabled in the local preferences, or in policy from the Symantec Encryption Management Server (if your SED clients are managed). As far as I know, this proxy integrates into the LSP stack, and will be enabled through PGPTray.exe ...

    The way to disable the e-mail proxy within your local preferences is to open Symantec Encryption Desktop, and uncheck the "Use E-mail Proxy" checkbox. Then restart your e-mail client (or software which is sending e-mail.) In older versions of Encryption Desktop there were occasionally issues where this did not resolve the problem.

    If you do not need or use E-mail encryption with Symantec Encryption Desktop, you can totally disable the e-mail proxy during the installation. This would require uninstalling Symantec Encryption Desktop, and re-installing it with the appropriate MSI switches so that it does not install the e-mail components. Please see the below articles for instructions : 

    How to extract the Symantec Encryption Desktop MSI Installation File from the .exe standalone installer - http://www.symantec.com/docs/TECH167331
    Encryption Desktop MSI Switches to Disable Components at Installation - http://www.symantec.com/docs/HOWTO84112

    Please let me know if this resolves the issue, or if you require additional assistance or clarification. 

    Best Regards,

    Phil