Encryption of Draft Messages

 

If you have been following my posts on Public Keys and email then the following my be of interest.

To add more security to your system you can encrypt any messages saved in your Drafts folder (Thunderbird).   As per

This is perhaps useful as some messages such as those on IMAP mail servers will be stored on the actual server as draft  Confidential information could be exposed if the security of that server was compromised. Oddly however sent items are also stored and unless encrypted would also be exposed or vulnerable.

If you start typing a new message in the compose window then save (so you can carry on later).  As expected a copy goes in to Drafts,  as you are encrypting the e-mail it will be renamed Encrypted message.   You would normally save either so you can type a long message and mitigate against losing your message if, for example, there is a power loss or system error.

For some reason however once saved, you end up losing your original subject header,  so if you close the Compose window and Thunderbird,  re-open the message(click edit),  and retrieve from Drafts, you can carry on typing your message but the subject is now Encrypted Message.  So you need to change this manually.

I am not sure if this is the intention.

I have started a thread on the Debian user mailing list to see if anyone else has a similar issue. For reference this is: – [Thunderbird + Enigmail + saving draft with encryption]

So the steps taken for this are :-

steps i take are as follows:

With that option enabled,  (encrypt message in drafts folder)

Create new e-mail

Enter subject header

 Save (so that the message is stored in to drafts)

Check drafts folder to see what the message is named

close TB and message compose window(s)

Re open TB,  click Drafts,  edit message, (it will be in there as
Encrypted Message)

Rather than the message reverting to back the original subject header
you entered earlier it is now Encrypted Message,

so Manually edit

Additional information

System information

Thunderbird 60.4.0 (64-bit)

Enigmail 2.0.9

Distributor ID:    Debian
Description:    Debian GNU/Linux 9.7 (stretch)
Release:    9.7
Codename:    stretch


Linux zleap 4.9.0-8-amd64 #1 SMP Debian 4.9.130-2 (2018-10-27) x86_64
GNU/Linux

Also work noting I am using Debian non-free.

I am not sure if this is meant to happen, however I would sort of expect the message subject to either be restored or at least the user given a warning or reminder about this.

I am on the #debian on OFTC irc network if anyone can perhaps or discuss further with any developers.  I am just an end user, so probably can’t help that much other than report the issue and help test or figure out what exactly is happening.

Possible solutions to this are perhaps:

Keep the message subject as it is, and append with [Encr] for example.

Warn the user that the message is renamed as Encrypted Message.

When reloading the message, detect this and remind the user to rename it.  Given that TB can detect if a  user has manually turned off or turned on signing this should be possible.

Store the original subject header somewhere and restore this automatically upon reloading for editing.

Perhaps an option to encrypt any sent items too,  again the subject should be kept and just appended.