By default in the Symantec Encryption Management Server (PGP Server), the sending address for Daily Status emails is:
do-not-reply@hostname
where hostname is the Hostname listed on the System / Network page in the PGP Server administration console. For example, if the Hostname is keys.example.com the sending address will be:
The sending address used for Enrollment emails and Message Templates is:
pgp-universal-admin@domain
where domain is is the domain of the Hostname listed on the System / Network page in the PGP Server administration console. For example, if the Hostname is keys.example.com the sending address will be:
Enrollment emails are sent when the PGP Server does not enroll clients using Active Directory authentication.
Message Templates are listed under Mail / Message Templates in the administration console. Most of the templates are related to Web Email Protection and PDF Email Protection. For example:
The default sending addresses can be changed. This is particularly important for the address used by Web Email Protection and PDF Email Protection. This is because email addresses beginning with pgp-universal-admin@ are likely to be classified as spam by the large email providers such as Gmail.
In addition, the sending address should be valid. This is because if a Web Email Protection or PDF Email Protection notification message is sent to an address and the email bounces, the recipient's mail server will attempt to send an undeliverable notification back to the sender. If the sender's address is also invalid, it results in backscatter. This too will cause the large email providers to classify mail from the sending address as spam. To prevent this, associate the sending email address with an unattended mailbox or a black hole.
You will need to connect to PGP Server over SSH in order to change these email addresses. In a clustered environment, you need to make the changes on each cluster member.
Important Note: As these commands are done via SSH, it is very important to not enter these commands incorrectly. Doing so could cause unexpected behavior with the PGP Server and could cause these emails to fail. Please do not hesitate to open a support case if you need assistance.
Below are some examples.
Warning: Before running any of the below commands, make sure you run through the following steps to make a copy of the files used:
Step 1 Command:
cp /etc/ovid/prefs.xml /etc/ovid/prefs.xml-backup-month-year
Step 2 Command: Validate there are no differences between the original and backup:
diff /etc/ovid/prefs.xml /etc/ovid/prefs.xml-backup-month-year
Step 3 Command:
Check to see which value changed after making changes to the original file:
diff /etc/ovid/prefs.xml /etc/ovid/prefs.xml-backup-month-year
These command above apply to the scenario you would like to address. Run only one of these
Section 1: Web Email Protection Invites and Enrollment Emails
Scenario 1 of 2: To change the sending address for enrollment emails and Message Template emails from [email protected] to securemail@example.com copy and paste the following commands:
sed -i 's|<email-from-address>pgp-universal-admin|<email-from-address>securemail|' /etc/ovid/prefs.xml
pgpsysconf --restart pgpuniversal
Scenario 2 of 2: To change the sending address for enrollment emails and Message Template emails from [email protected] to securemail@example.net (note the change of email domain), copy and paste the following commands:
sed -i 's|<email-from-address>pgp-universal-admin|<email-from-address>[email protected]|' /etc/ovid/prefs.xml
pgpsysconf --restart pgpuniversal
Section 2: Daily Status Email for PGP Administrators
Scenario 1 of 2: To change the sending address for Daily Status emails from [email protected] to [email protected] copy and paste the following commands:
sed -i 's/ovid.daily.status.email.from=do-not-reply/ovid.daily.status.email.from=encryption.admin/' /etc/ovid/omf.properties
pgpsysconf --restart tomcat
Scenario 2 of 2: To change the sending address for Daily Status emails from [email protected] to encryption.admin@example.com (note the change of email domain), copy and paste the following commands:
sed -i 's/ovid.daily.status.email.from=do-not-reply/ovid.daily.status.email.from=encryption.admin/' /etc/ovid/omf.properties
echo "ovid.daily.status.email.domain.override=example.com" >> /etc/ovid/omf.properties
pgpsysconf --restart tomcat
If any of the above scenarios are not clear, please reach out to Symantec Encryption Support for guidance and we can help you run the command you may need to run.