HOW TO: Configure and Use Exclusions with Dictionaries in PGP Universal Server


Article ID: 180145


Updated On:


Symantec Products




This article provides step-by-step instructions for configuring and using Exclusions with Dictionaries on PGP Universal Server.


HOW TO: Configure and Use Exclusions with Dictionaries in PGP Universal Server

Exclusions are email addresses to which you do not want to send encrypted email. The most common excluded addresses are usually mailing lists. PGP Universal detects mailing list automatically by looking for a header in the email that indicates a mailing list (RFC 2919). You can also manually add any email address to the exclusion list, even using wildcards to match multiple addresses. If you are using the Directory Synchronization feature, mailing lists found in the directory will be automatically added.

In versions of PGP Universal Server 2.5 and above, exclusions are handled using Dictionaries. Dictionaries are lists of terms to be matched. Dictionaries work with mail policy to allow you to define content lists that can trigger rules or fulfill the conditions of a rule to trigger actions. For example, Dictionaries can contain addresses you want excluded from processing, key words like confidential, or user names for internal users whose messages need special handling.


  • PGP Universal Server 2.5 and above has 4 default Dictionaries that you can use to Exclude email addresses: Excluded Addresses: Sign, Excluded Addresses: Do Not Sign, Excluded Addresses: Pending, and Managed Domains.  You can also create your own Dictionaries and exclude on any condition you want.
  • Addresses that PGP Universal Server automatically detect will remain in a pending state until you approve them.


Exclude an Email Address

  1. Go to the Policy/Dictionaries tab.

  2. Click on the name of the Default Dictionary you wish to add your exclusion to.

    If you want to create your own Dictionary with your own list of exclusions click the Add Dictionary button. 

    The View Dictionary screen will appear for the Dictionary selected.

  3. Click on Add Exclusions near the bottom of the screen.

    The Edit Dictionary screen will appear.

  4. Enter in the text for your Exclusions in the Import Text box or choose Import Text File to import a file with your list of Exclusions already created.

  5. Choose either Literals or Patterns and to either append your exclusions to the existing list or to replace the existing list.

  6. Click Import.

    The View Dictionary screen appears and the Exclusions you added will appear in the Exclusion List for the Dictionary.


Managing Pending Excluded Email Addresses

  1. Go to the Policy/Dictionaries tab, then click on Excluded Addresses: Pending dictionary.

  2. To approve one pending excluded email address, click the plus-sign icon (+) in the Action column of the pending excluded email address.

  3. To approve all pending excluded email addresses, click Options then Approve All .

  4. To remove an excluded email address from the list, click the Delete icon in the Action column of the email address you want to remove.

  5. To remove all excluded email addresses from the list, click Options then Delete All.


Using Wildcards to Exclude Email Addresses

Wildcards are case insensitive. PGP Universal Server supports the following rules when creating email addresses to be excluded by using wildcards.


  1. "*" matches any number of characters, including zero characters. For example, a*c would match:
    a.  ac
    b.  abbc
    c.  ash7sslc

  2. "?" matches any single character. For example, a?c would match:
    a.  acc
    b.  a9c

    but a?c would not match:
    a.  abbc
    b.  ash7sslc

  3. character matches itself only except for * and -
    a.  abcd would match abcd
    b.  abcd would not match acc

  4.  \character matches itself including characters * and -
    a.  \* would match an asterisk
    b.  \? would match a question mark
    c.  \abc would match abc
    d.  a\bc would match abc