Policy Patrol for Exchange and Symantec Encryption Desktop can have potential functionality conflicts

book

Article ID: 158724

calendar_today

Updated On:

Products

Symantec Products

Issue/Introduction

Policy Patrol for Exchange and Symantec Encryption Desktop can have potential functionality conflicts.

 

Policy Patrol is a third-party solution which allows adding of dynamic signatures for end users, as well as adding conditional/dynamic disclaimers to emails once the message arrives on a Microsoft Exchange Server.

 

Symantec Encryption Desktop has a messaging component which allows end users to encrypt his/her email automatically on the host machine where Outlook is configured.  

 

When the two solutions are being used in an environment, the message gets encrypted on the host machine, and sent to Exchange for processing.  Policy Patrol then adds a disclaimer to the email, and sends it on.  In some cases, either Policy Patrol will prevent proper decryption of the encrypted message on recipient machines, or the encryption will prevent proper adding of the signature/disclaimers.  The potential end result is the message will be decrypted on the client machine, however the Policy Patrol signature may not appear on the message as expected.

 

Additionally, the Policy Patrol signature/disclaimer may actually prevent the message from decrypting properly, and instead show a message with the attachments version.txt and message.pgp.  Both scenarios have been observed.

 

Cause

This is a known issue between the two technologies.  Both these solutions are modifying a message in their respective methods, and have functionality/compatibility issues when used together.

 

Resolution

In one environment, ensuring the internal user is added to the appropriate Policy Patrol policy will allow the messages to be decrypted.  No workaround has been found to allow a message to keep the signature/disclaimer with Policy Patrol.

 

If this functionality is needed to interop between the two technologies, please contact both Policy Patrol and Symantec to further investigate this issue.