#885 Enigmail affects default encryption policy of s/mime-only accounts

[Jan Kiszka]

When the Enigmail plugin is active, replying to an s/mime encrypted messages no longer turns encryption on for that reply. Rather, I have to manually select that mode. And that is even the case when OpenPGP is turned off on that account. When disabling Enigmail, Thunderbird shows the configured behaviour: new messages are unencrypted by default, replies derive the settings from the incoming message.

Turning S/Mime encryption on for all messages also "resolves" this, but that's not the desired behavior.

[Patrick Brunschwig]

Yes, that's correct. Enigmail does modify the S/MIME behavior. The idea is that the Enigmail settings, such as opportunistic encryption also apply to S/MIME. In other words, your Enigmail settings for whether or not to enable encryption if possible also apply to S/MIME. If you enabled "encrypt if possible", then S/MIME encryption will automatically be enabled if a cerificate is available for all users.

It may be though that I didn't correctly apply the case "reply to encrypted message" (which would again depend on the corresponding Enigmail setting).

[Jan Kiszka]

Ah, interesting.

Another data point: This used to work fine with Enigmail, but I missed the exact point when it became broken. It changed in the past months, maybe 6 months ago most, but there was a distro update from me in that window as well (SUSE 42.2 -> 15.0).

Let me know if you need further details about my settings. I originally had OpenPGP enabled for that account as well, just defaulting to S/MIME. And "reply encryptedly" (or how it's called was on then as well. That had no effect any more since the issue popped up, and I tried a lot of combinations, all in vain.

[Patrick Brunschwig]

Fixed in Enigmail 2.1: depending on the Enigmail preference "Encrypt replies to encrypted messages", S/MIME encryption is enabled or not.