ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Unable to send emails to * when Using PGP Desktop Email Encryption, or PGP Universal Server Email Encryption.


Article ID: 157160


Updated On:


Symantec Products


When PGP Universal Server or PGP Desktop try to encrypt to keys found at,  an error that the keys are considered invalid, and cannot be encrypted to is displayed. Depending on current policy the email may be blocked or sent as a Web messenger message.

 SMTP-31040: fatal exception evaluating policy for recipient * key can’t be used for encryption -jumping to Exception chain


Keys found at do not have the messaging usage flag and therefore cannot be encrypted too the key.

Sample of the Key Usage properties of a key obtained from



You will need to modify your Mail Encryption Policy appropriately.  

Use one of the following configuration options:

1) Ignore the result and send the message in the clear.
2) Set your key searches to either ignore keys from or just not search the domain at all.

Applies To

PGP Desktop 9.9 or later
PGP Universal Server 2.9 or later