The Delivery Options for Encryption Management Server Web Email Protection are:
In order to force external users to upload their own PGP key or S/MIME certificate, you can enable only Import OpenPGP Key or digital ID/X.509 Certificate for S/MIME. This will force external users to upload a key or certificate and reduce the storage space required for Web Email Protection messages.
Symantec Encryption Management Server 3.4.2 and above.
To enable this configuration, from the administration console:
The external user experience is as follows:
Because messages will be delivered to the external user's Web Email Protection Inbox until they have uploaded a key or certificate, it may be advisable to reduce the Web Email Protection Inactivity Expiration time from the default of three months. This will avoid the build-up of unread messages and hence reduce disk space usage. To do this from the administration console: