Symantec Encryption Management Server generates a "cannot parse message" warning in the mail log when certain inbound messages are processed.

Such messages are passed through Symantec Encryption Management Server without any processing. Therefore, if the message is not encrypted, the recipients can read the messages without an issue using their mail client. However, if the message is encrypted, the recipient will receive the message in an encrypted state and may not be able to decrypt it.

The mail log contains an entry like this:

2016/08/30 11:10:09 +01:00  WARN   pgp/messaging[6497]:       SMTP-00001: cannot parse message: PGPError #-12569

Symantec Encryption Management Server acting as a mail proxy.

The SMTP data of the inbound message may contain an error.  For example, in the extract below the raw data contains a duplicate of the Content-Type entry within the same boundary and this would cause a "cannot parse message" warning in the mail log:

MIME-Version: 1.0
Content-Type: multipart/mixed; boundary=94eb2c116a7a423f7a053b5e942a
Message-ID: <[email protected]>

--94eb2c116a7a423f7a053b5e942a
Content-Type: text/html; iso-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; iso-8859-1

Messages that cannot be parsed by Symantec Encryption Management Server are passed to the "Exception" policy chain. This chain contains a rule called "Passthrough Inbound Message" which by default has an Action of "Send clear (unencrypted and unsigned)". It is this rule that is triggered by a message that cannot be parsed.

To enable such messages to be parsed and therefore processed correctly, the sender needs to correct the syntactical errors in such messages.