we used PGP decryption at the Ironmail 6.7.2 and now at the MEG 7.5.2. I imported the PGP certificates from the Ironmail into the MEG.
Incoming mails get decrypted but the subject get not restored. The PGP mails we are get are the same like the Ironmail processed. There must be a subject in it.
I found the KB77266:
It looks "The original headers will be restored when the decryption MEG Appliance decrypts the original message."
The MEG it doesn't restore the subject?
Or is there some things I missed at the PGP configuration. I done the KB76387 for configure PGP.
use someone PGP encryption at the MEG at all?
I have a ticket at the Support open, but it takes ages to get forward with this.
Maybe it helps to get some ideas what it can be, when I share some informations about my troubleshooting in this case at the community in parallel.
Some facts about this:
We use Lotus Notes e-mail client and server, but the encryption and decryption is done by the MEG only. Also the encrypted mails we get are build at a Lotus Notes e-mail client.
To figure out, that maybe the e-mail format is the problem to "render" this e-mails in PGP I tested with Thunderbird (24.5.0) an Enigmail (1.6).
Then, are outgoing e-mails get encrypted correct with subject, but incoming e-mails don't get reconized by the MEG and so they go through the MEG and ending encrypted at the Inbox.
The conversation log doesn't help, so I will try to get some more informations via the debugging.
Any further help is welcome, to troubleshoot this behavior.
my ticket is still under investigation. At the moment this issue is forwarded to the development team.
I will keep the community updated too.
I got an update from the support team. It seams now, this is not longer a bug!!
That's the information I got:
At the time when the product spec was being put together for MEG-7.0 the product spec did not identify any third-party server-to-server S/MIME & PGP (neither of which are formally standardized) products with which we needed to interoperate.
As a consequence engineering produced what we considered the simplest and most secure implementation.
Therefore the issue you reported constitutes a feature change, rather than a product defect. MEG is working as designed.
I opened a Product Enhancements Request (PER). Will see what's happen now.
The workaround I be told is not really an option for me. At the moment I have no idea how I can bypass PGP encryption at the MEG.
In the meantime I setup a workaround for our environment. I installed a different PGP appliance and reroute all the encrypted traffic to them. This PGP gateway works perfect with all 3th party servers/clients.
I'm not sure when McAfee will provide a usable PGP function. At the moment it is not more then a nice line at the white paper!
I opend a PER (28476) at the 23th of June and this is still in state "Not yet Reviewed". I believe there will be no progress in the next time.
Some news from the support about the fix for PGP:
This is currently planned for the next release of MEG software (7.6 Patch 3 and 7.5 Patch 4).