Hi Mehmood,
Yes you can. You can use for this purpose a Symantec Encryption Management Web Email Protection.
So all users who are not part of your domain will be an external user for SEMS.
Please be familiar with the following KB:
Symantec Encryption Management Server 3.3.0 Administrator's Guide
http://www.symantec.com/docs/DOC6202
(page 14, Other Email Users)
First, the Symantec Encryption Management Server attempts to find a key for the recipient. If that fails, there are four fallback options, all controlled by mail policy: bounce the message back to the sender (so it is not sent unencrypted), send unencrypted, Smart Trailer, and Symantec Encryption Web Email Protection mail.
The quickest way is to:
a) enable on your SEMS - "Web email Protection" so navigate to Services and make sure that Web Email Protection is enabled.
b) add one rule to Mail > Mail Policy > Outbound > Add Rule
Name the rule for example "External Email Users". Set the priority for the rule as 1
Condition of the rule:
If none of the following are true: Recipient address contains (put your domain example: ag.dom)
Actions:
Send (encrypted/signed), encrypt to recipient's key
When suitable key not found use Web Email Protection
Preferred enconding format:Automatic
I have also attached this settings please so have a look into attachment.
HTH