When attempting to send a file from a Symantec File Share Encryption (previously PGP NetShare) protected directory by right clicking the file and selecting Send To > Mail Recipient, the files are not retaining the File Share Encryption wrapper, or simply attaching the Symantec File Share Encrypted file to an email, such as Microsoft Outlook.
Normally adding both the executable for the mail client and Explorer.exe to the application black list would prevent the file from being decrypted.
The observed behavior if Explorer.exe is added to the black list that files will not inherit the encryption wrapper from any File Share Encryption folder they are copied or moved into.
The behavior that files are automatically decrypted depending on how and where the files are moved to is known behavior and is working by design. For more information on these behaviors, please see article TECH149867.
A Feature Request has been submitted for this functionality.
Symantec Corporation is committed to product quality and satisfied customers. Support has worked directly with Product Management and has determined this feature will not be included at this time. Please subscribe to this article for any updates. To be added to this Feature Request, please contact support who will track specific customer requests therein.
The following are known workarounds for this scenario:
This issue can be temporarily resolved by encrypting files, saving a copy outside of File Share Encryption, and then using PGP Zip to encrypt the file before emailing it as an attachment.
Another workaround is to add the mail application to the blacklist on Symantec Encryption Management Server under the Consumer Policy the users are applied to. For example, if the mail client was Microsoft Outlook, then in the policy, "Prevent the automatic decryption of files by the following applications", add "outlook.exe", as well as "fixmapi.exe". This will then keep the files encrypted when attaching to an email.
For more information on Blacklisting, please see the Symantec Encryption Management Server Administrator's Guide.
TECH229057 - FEATURE REQUEST: Prevent any applications from automatically decrypting File Share Encrypted files when handled by third-party applications INFO3482 - FEATURE REQUEST: Add feature Parity for Symantec File Share Encryption Standalone clients for White and Blacklisting applications.
Imported Document ID: TECH181705
Subscribing will provide email updates when this Article is updated. Login is required.