Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why does Thunderbird try to enable end-to-end encryption with almost everyone even though I don't have keys corresponding to them?

  • 3 iimpendulo
  • 1 inayo le ngxaki
  • 1 view
  • Impendulo yokugqibela ngu christ1

more options

Hey all -

Pretty much what the title specifies. I've got a locally-installed copy of Thunderbird here, and it is somewhat erratic in who it tries to send email messages to encrypted - sometimes it merely signs them (which is the expected, desired behavior), and other times, it assumes that I want to encrypt messages between me and this correspondent. One problem: I literally do not have any GPG/PGP keys on my system for anyone but myself, and I don't even have "Require encryption by default" selected in my account's "End-To-End Encryption" settings under "Account Settings".

For what it's worth, I'm very glad that Thunderbird has added GPG/PGP encryption by default, but so far Enigmail's implementation worked very well. It would automatically - and correctly - identify if you HAD a user's public key, and then encrypt correspondence between you and them, and otherwise (if lacking a corresponding public key) would simply sign emails. This worked perfectly for years. Hopefully I'm just missing a setting, but it'd be nice to get this to stop.

I've attached some screenshots with examples of what I'm getting, and what my settings are.

Hey all - Pretty much what the title specifies. I've got a locally-installed copy of Thunderbird here, and it is somewhat erratic in who it tries to send email messages to encrypted - sometimes it merely signs them (which is the expected, desired behavior), and other times, it assumes that I want to encrypt messages between me and this correspondent. One problem: I literally do not have any GPG/PGP keys on my system for anyone but myself, and I don't even have "Require encryption by default" selected in my account's "End-To-End Encryption" settings under "Account Settings". For what it's worth, I'm very glad that Thunderbird has added GPG/PGP encryption by default, but so far Enigmail's implementation worked very well. It would automatically - and correctly - identify if you HAD a user's public key, and then encrypt correspondence between you and them, and otherwise (if lacking a corresponding public key) would simply sign emails. This worked perfectly for years. Hopefully I'm just missing a setting, but it'd be nice to get this to stop. I've attached some screenshots with examples of what I'm getting, and what my settings are.
Iqhotyoshelwe imifanekiso ekwisikrini

All Replies (3)

more options
I don't even have "Require encryption by default" selected in my account's "End-To-End Encryption" settings under "Account Settings".

This is a per account setting. Are there multiple accounts? If so, you may have turned on "Require encryption by default" for one or more accounts, but not for others.

... so far Enigmail's implementation worked very well. It would automatically - and correctly - identify if you HAD a user's public key, and then encrypt correspondence between you and them, and otherwise (if lacking a corresponding public key) would simply sign emails.

TB's current OpenPGP implementation does not support 'encryption if possible' as Enigmail did.

more options

Seems like a bit of an oversight on their part to roll it out like that without that kind of basic feature parity, but that's fine.

Unfortunately, no, that does not solve my problem - mine is the only account set up in this instance of Thunderbird. :/

Should I file a bug?

Ilungisiwe ngu Bean-Spoil

more options

The behavior you describe sounds odd, and I've never seen that before. I'd suggest to create a new profile, start TB with the new profile, and set up your account. Do you still see the problem?

You may also post your question to the e2ee mailing list. https://thunderbird.topicbox.com/groups/e2ee