ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Encryption Management Server mail rule fails to match a Dictionary entry

book

Article ID: 172747

calendar_today

Updated On:

Products

Encryption Management Server Gateway Email Encryption

Issue/Introduction

An Encryption Management Server mail rule that refers to a Dictionary in its Conditions does not trigger as expected.

Mail rule Conditions can reference a dictionary when they are used to check any of the following:

  1. Recipient address.
  2. Recipient domain.
  3. Sender address.
  4. Sender domain.

Sometimes a dictionary that contains what appears to be a matching domain or address may not get matched by the rule.

Cause

The dictionary term ends or begins with a non-breaking space character. When importing terms into the dictionary, leading and trailing spaces are removed. However, non-breaking space characters are not always removed.

If you import a term into a dictionary using the Import Text method, in Encryption Management Server prior to release 3.4.2 MP3, non-breaking space characters appear as spaces. In release 3.4.2 MP3 and above, non-breaking space characters are removed.

When viewing dictionary content in the administration console, leading non-breaking space characters are very difficult to detect. Trailing non-breaking space characters are impossible to detect.

Therefore, although the domain or address appears to be in the dictionary when viewed in the administration console, the mail rule does not match it.

Environment

Symantec Encryption Management Server 3.3.2 MP13 and above.

Resolution

When using the Import Text method, ensure that the terms you add to a dictionary do not contain invalid characters or upgrade to release 3.4.2 MP3 or above.

If you are unable to validate the terms prior to importing them or in releases prior to 3.4.2 MP3, use the Import Text File method because this results in any extended ASCII character such as a non-breaking space character appearing in the administration console as a replacement character (a black diamond with a white question mark) which is easy to detect.