The Symantec Encryption Management Server (SEMS) includes the ability to create mail rules to encrypt to specific keys, rather than having to search for a specific key. Doing so could be useful if it is necessary to encrypt to a specific key under certain circumstances. It may be that the recipient domain requests a single key be used whenever sending encrypted emails to their domain, and using these mail rules makes this possible.
The SEMS does not support decrypting incoming encrypted mails to a single domain key for the SEMS managed domain. The SEMS does not include a single key for the entire domain for encryption and decryption.
A Feature Request has been submitted for the ability to decrypt emails with one key for all users.
Symantec Enterprise Division is committed to product quality and satisfied customers. Technical Support filed a Feature Request to add the functionality listed above.
Support has worked directly with Product Management and has determined this feature will not be included at this time to ensure highest security in our products.
To be added to this Feature Request, please contact support who will track specific customer requests therein.
To have your organization added to the list of companies that desire this Feature Request, please contact technical support.
Alternatively, see the following article for more information on how to create a "shared key":
209776 - Integrating a shared PGP Key for multiple users on Symantec Encryption Management Server
Etrack: 4269047, ISFR-1450