Gmail uses multiple certificate names for SMTP and IMAP SSL certificates. Gmail also requires SSL to be enabled to connect to their mail servers. Symantec Encryption Desktop cannot proxy SSL traffic enabled within the mail client and causes problems with the connection.
Since Gmail uses multiple SMTP/IMAP servers and several different hostnames for the SSL certificates this causes multiple proxy services to be configured in Symantec Encryption Desktop, none of which will work.
You may be presented with a smiliar error to the following if you have SSL configured on the mail client. This means that you need to disable SSL in the Apple Mail client and then restart Mail.
This is due to the way Gmail handles the SSL certificates and having SSL enabled in the Apple Mail client instead of allowing Symantec Encryption Desktop to enable the SSL session. This requires you to setup on service with a * in the mail server settings to enable all the SSL certificates to that Gmail uses to work and proxy the connection.
1. Open Symantec Encryption Desktop by going to the finder App and clicking Applications > PGP.
2. Click PGP Messaging and delete any existing services configured there (they will typically have a service name something like this: pb-in-f108.1e100.net).
3. Click on Encryption Desktop and select Quit Encryption Desktop.
4. Open Apple Mail and go to the Mail account settings for the incoming mail server and outgoing mail servers found here:
Incoming Mail server (IMAP)
- Click on Mail
- Click on Preferences
- Go to Accounts
Note: If the Gmail account settings are not in there, configure them with the following information:
a) Description: Enter a name for the account
b) email address: Specify the Gmail account/email address that you wish to use such as: firstname.lastname@example.org
c) Full name: Your full name as you want it to appear on email
d) Incoming Mail Server: imap.gmail.com
e) User Name: Full gmail email address such as: email@example.com
f) Password: Gmail account password
g) Click on Advanced
- Uncheck the option to Use SSL (next to the port number)
- Leave the default port at 143
- Close the account settings window, when prompted, click Save
Outgoing mail server (SMTP)
- Go to Mail > Preferences.
- Select the drop-down menu next to the existing Gmail (offline) account under Outgoing Mail Server (SMTP) section on the Account Information screen.
- Click Edit SMTP server list.
Server Name: smtp.gmail.com
Select Advanced and make sure that it's configured for custom port 587
- Authentication: password
- User Name: full gmail email address example: firstname.lastname@example.org
- Password: gmail password
- Uncheck Use Secure Sockets Layer (SSL) option
- Click Ok
5. Open PGP Desktop and select PGP Messaging.
6. Click on Create New Service.
7. Configure the mail service with the following settings:
- Description - Gmail account
- Email Address - full gmail email address
- Incoming Mail Server: * (just an star nothing else - this uses a wildcard)
- Outgoing Mail Server: *
- Encryption Server: This is only valid if you are using a PGP Universal Server (not valid in a standalone setup). If you are a managed desktop user then there will be a drop-down menu to select your PGP Universal Server hostname
- Username: full gmail email address
- Default key: Default PGP encryption key that you would use for this account
- Click on Settings next to incoming mail server
Incoming Mail Server
- Incoming Mail Server: make sure it's set to *
- Protocol select IMAP from the drop-down menu
- Leave the port configured for automatic
- Under SSL/TLS select - Require SSL
Outgoing Mail Server
- Name: *
- Port: Automatic
- SSL/TLS: Require SSL
8. Click Ok
9. In Apple Mail, select Mailbox (top bar) and select "Take All Accounts Online"
You should see a prompt for Symantec Encryption Desktop asking you if you wish to secure the email.
If you are still seeing problems, a good place to troubleshoot is by turning on debug logging within Symantec Encryption Desktop. You can do so by opening Symantec Encryption Desktop and selecting Window then selecting Encryption Desktop Log. At the bottom of the screen where it says Logging Level, change that to debug. Then go back to Mail and go to Mailbox > Get all New Mail.
Mac OS X 10.7 and above
Symantec Encryption Desktop 10.2.1 MP4 and above
Apple Mail 5.2
Imported Document Id