Configuring PGP Encryption Desktop (Symantec Encryption Desktop) to automatically encrypt Gmail in Outlook
Article ID: 191087
Updated On:
Products
Issue/Introduction
Cause
Gmail by default will not allow unencrypted communications (non-TLS) when configuring mail clients, such as Outlook.
PGP Encryption Desktop will act as a "proxy" and handles these TLS connections when working with mail clients.
In order to get PGP Encryption Desktop to automatically handle TLS for Gmail, you need to disable TLS in the mail client. PGP Encryption Desktop will then handle the TLS and proxy the connection automatically.
Because Outlook provides the option to automatically configure Gmail automatically, it will configure TLS for you. If this is the first time you've setup Gmail it Outlook, you will need to set this up as IMAP rather than Google.
You also need to allow Gmail to work with a 3rd party application that it is unaware of or doesn’t consider secure.
Important Note: See the following article for more information on how to get PGP Encryption Desktop to work with Gmail using App Passwords (2-factor OAuth), which may be necessary to configure successfully:
Resolution
The announcement made by Google, concerning less secure apps does not affect the PGP Email Encryption with Gmail as per the Gmail community. Using an App password is still the current way and the way going forward to use Email Encryption with Gmail.
For further guidance on this topic, reach out to Symantec Encryption Support and provide the following ticket ID:
IMSFR-519/EPG-24509
For alternatives to Email Encryption and Decryption, see the following articles:
153463 - Using PGP Viewer to decrypt email messages encrypted with PGP content
For alternatives on how to encrypt files, which can then be attached to emails, see the following articles:
153161 - PGP Encryption Desktop: Encrypt or Decrypt Files and Folders with PGP Zip (Windows)
Gmail Configurations with Outlook:
In order to use Gmail with Outlook, you must make adjustments in the settings. To make this possible, you will need to enable "Less Secure Apps" in your Gmail settings. Please consult the Gmail documentation for more information on this.
Once less secure app functionality has been enabled we can set up the account in Outlook.
Step 1: Go to File > Add Account
Step 2: Click the Advanced options and tick mark “Let me set up my account manually”
Select IMAP.
Caution: Do Not select Google as this will enable TLS automatically in Outlook and will cause the next steps to fail. Choose IMAP and proceed:
You may or may not get a Symantec Encryption Desktop error here stating that SSL/TLS is enabled if you do ignore the error and close the dialog.
Step 3: Click File, Account Settings, Server Settings
Step 4: In the incoming mail dialog select encryption method none and change the port to 143
Step 5: Click the outgoing mail server and change the encryption method to none and the port to 587.
Step 6: Put in your email password and hit OK.
The Symantec Encryption Desktop dialog should now pop up and prompt to confirm the mail server name, click allow.
Symantec Encryption Desktop should then prompt you to secure the account.
Select the desired encryption method.
From here choose your keys, etc.
Your Gmail account is now secured by PGP Messaging.
Important Note: For accounts that already have Gmail configured with Outlook, you will need to disable TLS and enable the non-encrypted ports as illustrated in steps 3 through 6. Since Gmail does not allow any non-secure connections, enabling non-secure ports in Outlook is fine, because Symantec Encryption Desktop will proxy these secure ports automatically.
The following screenshot will show you how one Outlook client was configured properly:
Notice in the above screenshot, SMTP Authentication was enabled and the settings are the same for incoming mail servers.
In the screenshot below, notice the settings for IMAP have disabled TLS. This is indicated by seeing the ports as listed standard non-TLS ports for IMAP:
Additional Information
Feedback
