This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

e2ee - unsigned & not encrypted sent, reciever shows unsigned & encrypted!!

  • 8 cavab
  • 0 have this problem
  • 4 views
  • Last reply by adrian100

more options

Hi, I have configured 2 accounts for E2EE using OpenPGP. I can send signed emails &/or encrypted messages between the 2 accounts. However, if I send a "normal" message i.e. no signing & no encryption selected, it arrives as not signed (correct), but encrypted according to the "Show message security" icon. If I send a normal message to an account that has no known encryption setup, then the message arrives and the "Show message security" button is missing (correctly).

Any ideas why this is happening? Thanks for your help.

Hi, I have configured 2 accounts for E2EE using OpenPGP. I can send signed emails &/or encrypted messages between the 2 accounts. However, if I send a "normal" message i.e. no signing & no encryption selected, it arrives as not signed (correct), but encrypted according to the "Show message security" icon. If I send a normal message to an account that has no known encryption setup, then the message arrives and the "Show message security" button is missing (correctly). Any ideas why this is happening? Thanks for your help.
Attached screenshots

Chosen solution

Hi, your question led me to check my provider and I found the following "Automatic Encryption: If you are using our outbound SMTP service and sending unencrypted messages, then we will automatically attempt to encrypt messages on a per-recipient basis using Web Key Directory ("WKD").". I am in contact with them to delve more deeply into their functionality, but this would explain the effects I´ve been experiencing. Thank you for your support & patience. We can close this issue.

Read this answer in context 👍 0

All Replies (8)

more options

Check your settings. There is an option 'Automatically enable encryption when possible'.

Helpful?

more options

Hi christ1, thx for your reply. The suggested option is not selected on either account.

In the meantime, I have (theoretically) removed e2ee by setting the option "None - Do not use OpenPGP for this identity" for both identities. The effect was the same, the receiver believes that the message was encrypted or at least that is what the Message Security status button says.

I also removed the option to encrypt the subject, but this also had no effect.

How can I check whether the message was actually encrypted or not? Could this just be that the Message Security status button is being shown based on e2ee history of the identity and not on the actual encryption status of the message?

Thx again for the support.

Helpful?

more options
How can I check whether the message was actually encrypted or not?

You can check the copy of the sent message in your Sent folder.

Helpful?

more options

None of the Sent messages have the Message Security button, so I assume that they were not sent with any encryption or signatures included.

Then I guess that the Message Security button shown by the receiving identity is being shown due to some history rather than what was actually received or how do you see it?

Helpful?

more options

Frankly, I have no idea what's happening at the receiving end. But I doubt that the button is shown due to history.

Helpful?

more options

Following on from the previous situation, I created new Thunderbird profiles for the 2 accounts previously mentioned. I then setup the mail accounts, but did not set up E2EE for either of them, so all E2EE settings are greyed out.

Account A sent a mail to account B, the encrypt button next to send is greyed out. After sending the mail, the message in Sent looked like normal text and the message source mentioned nothing about encryption. Account B received the mail, but couldn´t decrypt it because the secret key is missing according to the error message!

Account B sends Account A unencrypted messages, which are readable by Account A without any keys/decryption.

Although neither account has PGP setup, Thunderbird is performing some sort of encryption in the background. The idea of creating new profiles was to completely reset Thunderbird, so that no previous settings e.g. PGP are known!! Doesn´t seem to work and E2EE doesn´t seem to adhere to the settings.

Any ideas what to try next?

Helpful?

more options

Are you using some sort of encrypted email service, e.g. like Proton? Or are you running any 3rd-party software which would encrypt a message after sent unencrypted from Thunderbird?

Helpful?

more options

Seçilmiş Həll

Hi, your question led me to check my provider and I found the following "Automatic Encryption: If you are using our outbound SMTP service and sending unencrypted messages, then we will automatically attempt to encrypt messages on a per-recipient basis using Web Key Directory ("WKD").". I am in contact with them to delve more deeply into their functionality, but this would explain the effects I´ve been experiencing. Thank you for your support & patience. We can close this issue.

Helpful?

Sual ver

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.