search cancel

Symantec Encryption Management Server cannot decrypt an attachment attached to a Rich Text Format message


Article ID: 163281


Updated On:


Encryption Management Server Gateway Email Encryption


If Symantec Encryption Management Server receives a Rich Text Format message that contains a PGP encrypted attachment, the attachment is not decrypted and the message is delivered without any changes.

If the recipient does not use Symantec Encryption Desktop, the message will be delivered with an encrypted attachment. If the recipient does use Symantec Encryption Desktop, the attachment will be decrypted by Symantec Encryption Desktop.

Rich Text Format messages are used only by Microsoft Outlook.


At the SMTP data stream level, a Rich Text Format message consists of a file called winmail.dat. Any attachments, whether encrypted or not, are embedded in this winmail.dat file. Symantec Encryption Management Server does not recognise that any part of the message is encrypted so the rule to decrypt the message does not trigger.


There are several ways of working around this issue:

  1. Ask the sender to ensure the message is sent in HTML or Plain Text format.
  2. Ask the sender's organization to configure their Microsoft Exchange server to automatically convert Rich Text Format messages to HTML format before they are sent over the Internet to external recipients. This is a widely used configuration option.
  3. Provide the recipient with Symantec Desktop Email Encryption.