This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Thunderbird 78: Peculiar email server setup

more options

I'm quite excited about the new built-in PGP support in Thunderbird! I'm trying to help folks out who use an email server with a peculiar setup, and their use case is falling through the cracks.

The email server allows internal communication only. (Cannot send email to, or receive email from, outside addresses.)

The email server manages PGP keys. Each user sees their own private and public keys, but not the public keys of other users.

All incoming email gets encrypted automatically, before being put into the recipient's mailbox.

When replying to such emails, Thunderbird encrypts the response by default, and the user has to deselect encryption every time. But in this setup, trying to encrypt the response will not work because people don't have the public keys of the recipients.

Any ideas how to make life easier for people?

I'm quite excited about the new built-in PGP support in Thunderbird! I'm trying to help folks out who use an email server with a peculiar setup, and their use case is falling through the cracks. The email server allows internal communication only. (Cannot send email to, or receive email from, outside addresses.) The email server manages PGP keys. Each user sees their own private and public keys, but not the public keys of other users. All incoming email gets encrypted automatically, before being put into the recipient's mailbox. When replying to such emails, Thunderbird encrypts the response by default, and the user has to deselect encryption every time. But in this setup, trying to encrypt the response will not work because people don't have the public keys of the recipients. Any ideas how to make life easier for people?

All Replies (2)

more options

I would guess "do not enable encryption by default" in account settings > End-to-End encryption would do it.

more options

Matt said

I would guess "do not enable encryption by default" in account settings > End-to-End encryption would do it.

Thank you very much, sir. TIL that I can right-click the account in the folder tree and then there is a "Settings" entry, and this brings up a screen that I hadn't seen before.

Unfortunately, it is already off. When sending a new message, it is not encrypted. But when replying to an encrypted message, the reply is encrypted by default.

This FAQ entry explains the rationale: https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_why-is-encryption-automatically-enabled-when-i-reply-to-an-encrypted-message I am totally following the logic there, but our peculiar server setup is falling through the cracks.