File Share Encryption

 View Only

  • 1.  problem with keyserver: ldap://keyserver.pgp.com:389

    Posted Feb 06, 2013 02:56 PM

    Hello,

    I have PGP Universal server    3.3.0 (Build 8741) in the VMWARE ESXi environment: Symantec Encryption Server release 3.3.0.8741 (Ovid).

    My question is following:

    In the MAIL: "Policy Chain: Outbound" I have following custom rule:

    --------------------------------

        This rule is always executed

         Edit Conditions

    Actions

    Send (encrypted/signed)

       Encrypt to recipient's key

        When suitable key not found send clear, signed

        Sign

        Preferred encoding format: Automatic

         Edit Actions   

    Key Search

    The following locations will be searched for keys by default:

       Internal users

        External users

    These additional locations will also be searched:

        Keyserver of sender or recipient address (ldap://keys.$ADDRESS_DOMAIN:389)

        PGP Global Directory (ldap://keyserver.pgp.com:389)

    --------------------------------

    In the section "These additional locations will also be searched" there has been used only "ldap://keys.$ADDRESS_DOMAIN:389" value. Why?

    I need to find keys by "PGP Global Directory (ldap://keyserver.pgp.com:389)" too.

     

    See debug log below:

    ---

    Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: recipient cybermedi@yahoo.com: policy rule match: chain: "Default", rule: "Outbound Server Mail"

    Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: recipient cybermedi@yahoo.com: policy rule match: chain: "Outbound", rule: "kryptuj_muzesli"

    Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: key search <cybermedi@yahoo.com> [keys.yahoo.com]: Could not get recipient encryption key: Skipping keyserver keys.yahoo.com because it was down the last time it was checked

    Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: message accepted [250 2.0.0 Ok: queued as 602AE3DF3B3]

    Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: recipient 1/1 (cybermedi@yahoo.com): passing through unmodified

    Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117:   [250 2.0.0 Ok: queued as 602AE3DF3B3]

    Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00117: connection from 192.168.200.10:10859 closed

    Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00116: message accepted [250 2.6.0 <2de4955a-dd7c-419c-bee2-1b3ef62c98e5@CAS1.eru.cz> [InternalId=9867] Queued mail for delivery]

    Feb  6 17:21:28 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00116: recipient 1/1 (tikal@3t.cz): [Bcc] passing through unmodified

    Feb  6 17:21:33 192.168.200.12 pgp pgp/messaging[3625]:       SMTP-00116: connection from 192.168.200.4:45978 closed

    -------------------------------

    Regards Tomas



  • 2.  RE: problem with keyserver: ldap://keyserver.pgp.com:389

    Posted Feb 08, 2013 04:17 AM

    There is an option inside the universal server to use keyserver.pgp.com as a lookup source, but you can manually add it in keys > keyservers