When composing a new message, selecting "encrypt message" will cause attachments to be also encrypted. This is the correct, expected behavior. However, if encryption is not manually selected and a message comprising attachments is sent AND the option "automatic encryption" ("Nachrichten möglichst automatisch verschlüsseln")is selected and the key of the receiver is known, a pop-up is displayed, asking whether you want to encrypt the mail. This is also correct. HOWEVER: if you select yes, kmail will only encrypt the message body, not the attachments and will send out the unencrypted attachment without asking further questions. Expected behaviour: attachments are also encrypted Reproducible: Always Steps to Reproduce: 1. In the settings, under security, select "automatic encryption" ("Nachrichten möglichst automatisch verschlüsseln") 2. Compose a mail to a sender having a known gpg key 3. Attach a file to the message 4. send the massage, when asked whether you want to encrypt the message, select yes Actual Results: Message body will be encrypted, attachment will be sent in clear , defeating the purpose of sending encrypted mails Expected Results: Message body ant attachments are encrypted
I just confirmed this with KMail2 4.14.3 on Arch linux. I sent a message and was able to read the attachment in the clear from my mail client. If confirmed further, this is a serious problem.
I confirm it. I look at it.
Git commit 626c857eb30c0533a4de7836ee843caaa8c00a26 by Montel Laurent. Committed on 03/12/2014 at 21:54. Pushed by mlaurent into branch 'KDE/4.14'. Fix Bug 340312 - Attachments are not encrypted when "automatic encryption" is selected FIXED-IN: 14.12 M +2 -6 messagecomposer/composer/composerviewbase.cpp http://commits.kde.org/kdepim/626c857eb30c0533a4de7836ee843caaa8c00a26