Encryption Management Server cannot always decrypt inbound messages that have been modified. For example, if the message has text added to it stating that it originated from an external source then Encryption Management Server may pass the message to the recipient without decrypting it.

Messages encrypted by Encryption Management Server to a PGP/MIME format key use this content type and protocol:
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"

According to RFC 3156 multipart/encrypted are to be treated by agents as opaque, meaning that the data is not to be altered in any way.

Therefore, altering such messages by adding text to them will invalidate them.

HTML format messages encrypted by Encryption Management Server to a PGP Partitioned format key use this content type:

Content-Type: multipart/mixed

Altering such messages by adding text to them will not invalidate them and Encryption Management Server can decrypt them but the additional text will probably be lost.

Messages encrypted by Encryption Desktop to a PGP/MIME format key use this content type:

Content-Type: multipart/mixed

Altering such messages by adding text to them will not invalidate them and Encryption Management Server can decrypt them but the additional text will probably be lost.

Encryption Management Server 3.3 and above.

By far the best solution is for Encryption Management Server to decrypt messages before any additional text is added to them.

If this is not possible, the sender will have to do one of the following:

1. Use Encryption Desktop to encrypt the message.
2. Use Encryption Management Server to encrypt the message using PGP Partitioned encoding.