The PGP Server (Symantec Encryption Management Server) has the capability to send Web Email Protection messages to recipients who do not have a PGP Key. This is done via a secure inbox feature that is all inclusive of the PGP server. A Messaging license/SKU is needed to take advantage of this feature, but can be done even if the PGP server is not in the mailstream.
In order for this functionality to be available, the PGP Server needs to be able to send an email outbound to some server that is in the mailstream, such as an MTA. The PGP Server may not be in the full mailstream (such as Exchange --> PGP Server --> MTA), but the PGP Desktop client needs to have the messaging component enabled and the "Out Of Mail Stream" (OOMS) feature enabled.
When the PGP Desktop client sends the message and it is to be encrypted, the result if a Key Not Found policy is triggered should be Web Email Protection and if that is the case, the PGP Desktop will encapsulate the message to the PGP Server, and the PGP Server in turn will send a WEP message.
To do this, you need to have the policy enabled in the Desktop Consumer Policy that applies to the user:
Ensure the mail rule is configured to send a Web Email Protection email when a PGP Key cannot be found: