ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

PGP Message Blocked when sending email in Outlook

book

Article ID: 225360

calendar_today

Updated On:

Products

Endpoint Encryption Desktop Email Encryption Drive Encryption Encryption Management Server File Share Encryption Gateway Email Encryption

Issue/Introduction

When attempting to send an email in Outlook, the following message appears:

PGP: Message is blocked - connection to tray failed.

Resolution

Troubleshooting Prerequisite: Go through the process of disabling the "blockmailifinitfailed" parameter to see if doing so allows email to be sent.  If you disable this option, email will be sent, but if the PGP services are not initialized properly, the messages could go out unencrypted.  Once this option has been disabled (no reboot necessary), close out of Outlook, and exit all the PGP services.  Then re-launch the PGP services and wait a few minutes.  Then send an email and put in "[PGP]"  (with square brackets, but excluding the quotes) in the subject, which is typically used to force encryption.  If there are no logs for email activity then this would indicate the services for PGP services are not launching at all and the popup is actually correct.

At this point, proceed with the rest of this article to narrow down what could be causing this issue. 

 

Troubleshooting Step 1: This error indicates there may be something blocking the PGP application in some way.  Although the PGP services may appear to be running, check to see if any third-party security applications may be preventing these binaries of the Symantec Encryption Desktop client from loading properly.  See the following article for a comprehensive list on these binaries:

200696 - Symantec Encryption Services - Add Symantec Encryption programs to safe list or exclusions in security software

 

Troubleshooting Step 2: As a test, attempt to disable the "blockMailIfInitFailed" parameter and close and re-launch Outlook to see if this will send the message.  For information on how to do this, see the following article:

172697 - Email messages are sent unencrypted when Encryption Desktop PGP Tray is not running



Troubleshooting Step 3: 

Additionally, check to see if the PGP Plug-ins are related to this issue.

Check in the PGP Options and see if the "Enable PGP encrypt and sign buttons in Outlook" to see if it's checked.

To get into PGP Options, either click the gray padlock icon by the time, and then click "Options...", or open Encryption Desktop, Click Tools, and then Options:

 

 

Toggle this setting, and then close Outlook and restart Outlook (If the plug-ins are checked, uncheck and restart Outlook).

Resend the message to see if the same message pops up.

Check the Add Ins in Outlook to see if they are loaded.

 

Troubleshooting Step 4: Try disabling Secure Boot in the BIOS and reboot the system to see if this has any effect on this issue.

 

Troubleshooting Step 5: Check to see what may have changed in the environment, such as Windows updates that may have been applied, did new security rules get put into place when this happened?  Does this error show up for all users, or only one?


Troubleshooting Step 6:  Enable the full debug logging "F3F" and then reproduce this error and provide to Symantec Encryption Support.  

180838 - Enabling verbose level logging in Encryption Desktop for Windows


Troubleshooting Step 7: Check the AppInit_DLLs registry to see if PGP MAPI plug-in is listed properly or if there are any other drivers listed:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs

If "PGPMapih.dll" is the only one listed, this is normal.  If there are other items in here, see if moving PGP to the front of the other drivers may help (reboot is needed after switching the order).

Attachments