Encrypted mails by PGP server doesn’t go out via symantec messaging gateway.

I need a solution

Hi All,

We have a setup like below;

Client –> Exchange Server –> Symantec Encryption Management Server (aka PGP server) –> Symantec Messaging Gateway –> Internet.

The unencrypted emails are processed and going through as expected. No issues.

When I excrypt that message and send, It doesn’t go through. 

Is there something I need to do in my Messaging Gateway or PGP server? 

Please advise. 




PGP Encryption Issue

I need a solution

Hello all,

Our organization is currently using Symantec PGP Encryption software and a File Transfer Protocol Application called, Axway to received and send files through encrypted SFTP connections. And we found there are some several vendors/clients who cannot use our keys for some reasons such as cipers or algorithms that may be different. Or other issues. Has anyone encounter an issue with certain PGP compabilities and in what ways or how did you resolved that issue? We have some who uses PGP command line and they need to change their script/code to make it work. What other scenarios have you seen?

We have an issue where the vendor needs an email address in order to import the key. Many other vendors does not have that issue. Once we add the email address, the PGP Key Block has changed, would this affect the encryption and decryption process when delivering files?

Another issue is the vendor such as Workday is using their Integrated tool to encrypt the key but when sending the files it failed to encrypt and sign once it hits our Axway File Transfer Protocol Application.

Any suggestions and help in guidance would be appreciated!

Let me know if I need add any attachment.





Desktop Client Upgrade Questions.

I need a solution

Good day.

I recently upgraded the Encryption Management Server to the latest version, which has given me access to the 10.4.2 dekstop client. Which I will be deploying to the PCs we have in our network.

The two questions I have:

1.) If the PC is currently encrypted, can I simply deploy the new client? Will it do an in place upgrade on the encrypted PC? Or do I need to decrypt, do the upgrade and then re-encrypt?

2.) We have different versions of the client running in our network, from as far back as Will I be able to upgrade them all to the latest version, or are some of the older ones not compatible with the new version? If that is the case, do I need to decrypt the old machines, un-install the old client, re-install the new client and then re-encrypt the PCs?

Thank you for any help with this matter. Much appreciated.



  • No Related Posts

Encryption Desktop 10.4.2 [MP3]

I do not need a solution (just sharing information)


We are experiencing some issues with current Encryption Desktop 10.4.2 [MP3] version, aswell with earlier releases. (OS Windows)

  • After some Windows updates PGP services stops working, email clients are experiencing connection timeouts and it’s not possible to send/receive emails. Only reinstalling PGP solves this issue.
  • When using multiple emails and multiple PGP keys we are experiencing issues while decrypting emails, mostly sent emails cannot be opened, because of missing decrypting keys. It seems that sent mails are being encrypted with random PGP key from the key list or master key list.
    Usualy in the PGP Log’s we get these error: MAPI Proxy: Decryption failed with error: bad packet
  • With some Internet providers we are experiencing continues PGP Messaging service creation, commonly with GMAIL servers.
    We have tryed using wildcards “*” for Incoming/Outgoing servers in PGP Messaging Service, some time’s it works, sometimes when it does not work all emails stops working and it’s not possible to send/receive emails.

We would like to have some workarounds for these issues and fix’es in upcoming releases.




PGP Drive encryption information

I need a solution

need info about Symantec PGP drive encryption.Please let me know the key points like which mechanism it is using for drive encryption like symmetric or asymmetric key cryptography.

And what is keymanagement server and can we use single PGP drive encryption management server for Drive encryption,email encryption,key management server



Setup Email Server for Email Notifications

I need a solution

Hello everyone. I am struggling to find information on how to setup an email server able to handle what SEPM needs. I have found a wealth of information regarding setting up the actual email notifications, but nothing on the actual email server settings/requirements. 

All our computers are Win10 and the Server is running Server 2016. 

Do you have to use whatever email server the admin email is using? Or can you use a different email server?

We use a gmail account already for other SMTP email alerts with no issue, but those credentials do not seem to work. All our work emails are through MS Exchange (as is the admin’s email) – which also do not work. 

How can you tell if your email server is setup to recieve SMTP relays? How can I enable that if it’s not set already?

For the sender address, does that need to be an actual existing email or can you makeup one? (Ex: SEPM@email.com)

I have logs of past failures. Reading through them helps me none. I doubt they would be helpful as I’m sure I’m not setting up our email server right.

Thanks for your time and help!



PGP Decryption for Strings Encrypted using Bouncy Castle API

I need a solution

Hi Everyone, 

Currently I’m using Bouncy Castle JARs(https://www.bouncycastle.org/) for Encrypting and Signinig a String. The encryption and signing is not a single function call, but is is encryption followed by signing the encrypted string. 

This Encrytped and Signed Token is shared with the Vendor who uses Symantec Command Line to Decrypted and verify the encrypted string. But when the following pgp command is executed 

pgp –decrypt “file” –passphrase “SecretKey” 

We get a encrypted file which needs to be decrypted again using the above command. 

Is it not possible to verify and decrypt the string in one step if it is encrypted using Bouncy Castle API ? 

As per the documentation,

–decrypt Decrypts encrypted files with local keys or keys on a PGP KMS server. If data being decrypted is also signed, the signature is automatically verified during the decryption process. The usage format is: pgp –decrypt [ …] […] [options]

Please share your thoughts and insights. 

Note: When I use PGP Command Line for encryption and signinig, the decryption and verification process happens in one step. 

Thanks and Regards,




  • No Related Posts