If an internal user's key has expired, outbound email will bounce or queue.
Whether outbound messages bounce or queue depends on whether the subkey has also expired. Here is an example where the subkey was still valid on 30 September 2020, the day the email message was sent:
In this scenario, the outbound message bounces:
In this example, by 30 September 2020, the user's subkey has also expired:
In this scenario, the message cannot be processed but it does not bounce:
In both scenarios, the attempt to send an email message causes the Last Use field in the internal user's record to be updated:
Encryption Management Server release 3.4.2 and above.
At 12am and 12pm each day, keys that are due to expire within one day are automatically renewed.
Any user account with expired keys that has a Last Use field that has been updated since the last key renewal task ran will also be renewed.
Therefore, the next time the user tries to send an email through Encryption Management Server, the message will be encrypted successfully. Any messages that could not be processed previously will be processed at the same time.