Disable Opportunistic Encryption (recipient-based encryption)

book

Article ID: 156558

calendar_today

Updated On:

Products

Symantec Products

Issue/Introduction

Specific emails should only be encrypted when using the "Encrypt" button or by adding a [PGP] to the Subject or classifying the email as "Private" or "Confidential". Client does not want to have emails encrypted without intervention and not based on recipient.

Resolution

On the administrative Interface of PGP Universal Server go to Mail > Mail Policy.

 

Method 1:

1. From the list of Policy Chains, click the "Outbound" Policy.

2. From the list of Policy Chains, select "Policy Chain: Outbound". and then click the Rule "Application is Server".

3. The Policy "Edit Rule: Application is Server" opens. To the right uncheck the "This rule is enabled" box.

4. Click Save.

5. Go back to "Policy Chain: Outbound". Repeat the steps for Policy "Application is Client" and save it.

 

Method 2:

1. From the list of Policy Chains, click the Policy "Outbound: Server Only".

2. The Policy Set "Policy Chain: Outbound: Server Only" appears. Click the Rule "Send Message"

3. The Policy "Edit Rule: Send Message" opens. To the right uncheck the "This rule is enabled"-Box.

4. Click Save.

5. Go back to the Mail Policy set. Repeat the steps for Policy "Outbound: Client Only" and save it.

 

Once the Policy is updated on the PGP Desktop Clients, there will be no opportunistic Encryption. Only specific marked messages will be encrypted.

 

Method 3:

For Standalone Clients or managed Clients that are allowed by Policy to change the rules:

1. Open PGP Desktop.

2. To the left side, click the "PGP Messaging".

3. On the right side Click "Edit Policies", next to a list of Security Policies. The Window changes and displays some checkboxes.

4. Uncheck the Checkbox for "Opportunistic Encryption" and click "Done"

 

Once done, there will be no opportunistic Encryption. Only specific marked messages will be encrypted.

 


Applies To

PGP Universal Server with managed PGP Desktop

PGP Desktop Standalone