Some PDF Messenger emails may fail to send some PDFs with exceptions on PGP Server
search cancel

Some PDF Messenger emails may fail to send some PDFs with exceptions on PGP Server

book

Article ID: 246868

calendar_today

Updated On:

Products

Desktop Email Encryption Drive Encryption Encryption Management Server Endpoint Encryption File Share Encryption Gateway Email Encryption PGP Command Line PGP Key Management Server PGP Key Mgmt Client Access and CLI API PGP SDK

Issue/Introduction

Symantec Encryption Management Server (PGP Server) has observed a rare condition when certain PDFs are not able to send and will bounce.  Upon reviewing the debug logs, the following exceptions are observed:

"2022/06/23 16:25:45 -05:00 ERROR pgp/messaging[28092]: SMTP-00020: error handling SMTP DATA event: existing PDF attachments could not be encrypted
2022/06/23 16:25:46 -05:00 DEBUG pgp/messaging[28092]: SMTP-00020: exception location:
2022/06/23 16:25:46 -05:00 DEBUG pgp/messaging[28092]: SMTP-00020: #0 Ovid::BoomerangEngine::makeEncryptedPDFMessage(Ovid::BoomerangEngine::BoomerangUserInfo const&, std::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, s from /lib/libovidserver.so.0
...
std::list<Ovid::BoomerangBounceRecipient, std::allocator<Ovid::BoomerangBounceRecipient> 
...
2022/06/23 16:25:46 -05:00 DEBUG pgp/messaging[28092]: SMTP-00020: SMTP Data ProtocolEvent returning with error -11980 (unknown error)
2022/06/23 16:25:46 -05:00 INFO pgp/messaging[28092]: SMTP-00020: pgpproxy: Error processing SMTP message, awaiting next client command. (-11980)."

Environment

Symantec Encryption Management Server (PGP Server) 10.5 and above.

Resolution

Upon further review, it appears that only some PDFs cause this issue. 

Symantec Encryption Engineering is currently reviewing this issue. 

If you are running into this issue, reach out to Symantec Encryption Support for further guidance and mention this article.

 

There is a workaround to bypass the exception and send the messages out successfully.  Upon logging into the PGP Server, locate the PDF rules that are invoked when sending encrypted email.  Go to the Actions tab of the mail rule and check the box to encrypt both the body of the messages as well as the attachments.

When this is done, the entire email is encapsulated into a "PGPMessage.pdf" that is encrypted and the exception is no longer seen.

Alternatively, if you open the PDF, and re-author the PDF, this can sometimes resolve the issue. 

 

Important Note: If you wish to have both the body and the attachments encrypted, it is recommended you always have this check box enabled anyway to ensure that under all conditions all the content will be encrypted.

The use case to not have this box checked is if you want the email body left unencrypted and only the attachment encrypted.  This could be a form letter that contains generic information, but then the actual PDF is what contains the sensitive data.  If you are unsure if the body could contain sensitive data or not, it is a better idea to encrypt both the body and the email so that all the data is secured. 

Additional Information