The Encryption Management Server Key Cache stores keys that are found in inbound email messages that pass through Encryption Management Server or are looked up on a remote key server.
The key cache is shown in the administration console under Keys / Key Cache. If the Source column for a key shows Mailflow then the key was found in an email. If the Source shows the hostname of a key server then the key was retrieved during a key lookup. For example, keyserver.pgp.com is the hostname of the PGP Global Directory.
Symantec Encryption Management Server 10.5 and above.
Keys retrieved from external key servers are, by default, purged after 1 day. Keys that are retrieved from the inbound mail flow are purged after 180 days.
Clicking on the Cache Settings button allows you to modify the number of days or hours that keys retrieved from external key servers are retained.
Important Note: It is not possible to change the purge settings for keys retrieved from the inbound mail flow. In other words, if an SMIME email comes inbound to the PGP server, and the key is cached (in Key Cache), this cached key does not get purged per the Key Cache Settings configuration and is hardcoded at 180 days.
Only keys that are cached via Keyserver searches are cached and then get purged per the key cache settings.
Keys in the cache can be manually deleted or imported. If they are imported, an external user will be created.