08-03-2010 04:23 PM
As a few of my customers and testers have asked, but not found an answer, I thought I'd ask here...
It seems that if a BES receives a PGP encrypted message that has a destination of one of its devices, if the BES does not have the PGP licenses enabled (or activated, or whatever), the original message is stopped and a generic message with a body of "This message was encrypted with PGP but your device cannot decrypt it. Please read this message on your desktop" is sent to the device.
Is there a way in the BES to turn off this filtering? I would like the PGP-encrypted message passed 'as is' to the device so it can be processed there by software.
08-06-2010 08:06 AM
That doesn't make any sense to me, because that means there's no option to turn off an "email blocking-type" feature. Not everyone would want PGP messages removed from the user's input and shown a generic message instead.
Anyone with knowledge about the server (RIM?) care to comment?
08-06-2010 08:57 AM
The purpose of PGP Encryption is to allow oraganizations to extend message encryption and verification offered by the PGP Universal Server to the BlackBerry smartphones. In order for a PGP encrypted message to be read, the receipient needs to have installed the PGP Support Package for the BlackBerry smartphone. Without so, they will receive an error message. There is no way to disable of filter this message and just have the recipient receive the message as regular. This would defeat the purpose of senders being able to send PGP encrypted messages and the extended messaging security.
You want to read more about PGP Encryption below I provide you with the PGP Support Package for BlackBerry Smartphones Version 5.0, Security Technical Overview.
08-06-2010 11:04 AM
The purpose of PGP Encryption is to allow oraganizations to extend message encryption and verification offered by the PGP Universal Server to the BlackBerry smartphones.
False. Completely false. What about individuals who rent a BES service so they can get push email? Look up what PGP is (hint: RFC 2440/4880), and you will see that neither Symantic nor RIM own it.
In order for a PGP encrypted message to be read, the receipient needs to have installed the PGP Support Package for the BlackBerry smartphone. Without so, they will receive an error message.
False again. I have written a program that does PGP on the Blackberry devices (Atomichelix OpenPGP for Blackberry) which works great. However, since the BES is preventing the original message from actually *getting* to the device on a BES (sending works fine), the message never gets decrypted. This isn't an error, this is blatant filtering by the BES to prevent PGP-encrypted messages from being displayed. Maybe they do this as a 'user feature', so the user doesn't see the garbage encoding and wonder what it is, but anyone getting a PGP message will know what it should look like encoded.
There is no way to disable of filter this message and just have the recipient receive the message as regular. This would defeat the purpose of senders being able to send PGP encrypted messages and the extended messaging security.
False, yet again. Well, maybe not on the disabling of the filter (that's why I've asked the question about it), but how on earth would it defeat the purpose of a sender's ability to send PGP messages or the 'extended message security'?
I don't know if you are a PGP/Symantic shill or not, but everything you posted was complete FUD. I would almost liken the ability for the filtering flag not being present as anti-competitive as WIndows and IE -- the "required" integration between the PGP/Symantic BES solution and requiring it for using PGP is just that -- illegal.
So, I'm asking again: is there a way to flip the flag on a BES to just let messages pass through *untouched and completely as they should be*? If not, will there be? I have a hard time believing RIM omitted it on purpose, but was probably an "oversight", but one never knows (as they have decided on OS 5.0 that all ".asc" files are only going to be processed by their software for some reason).
No more FUD, please -- just real answers.
08-17-2010 08:33 AM
I've got about a dozen people waiting for either an affirmative or negative on the ability to turn off the BES PGP message filtering. Does anyone actually know if it's not possible to do?
I'm rockin the BlackBerry Passport, Z30, Z10, Q10, BlackBerry Mini Stereo Speaker, 64 gig PlayBook, BlackBerry Wireless Headset HS-700
08-17-2010 09:27 AM
I never used PGP, but you could call in support.
Sign up for free to the BlackBerry Expert Support Center.
All at absolutely no cost to you or your organization!
The BESC gives you a suite of valuable tools, and includes a Complimentary Support Incident should you need to contact BlackBerry Technical Support directly.
BESAdmin's, please make a signature with your BES environment info.
BES 5.0.4 and BES 10.2.2 with Exchange 2010 and SQL 2008