On Sun, Oct 16, 2016 at 10:08 AM, Jim <jimmy...@copper.net> wrote:
> ban...@openmailbox.org wrote:
>> For security its recommended to compose messages outside the e-mail
>> client. There were at least two incidents where plaintext was leaked (claws
>> mail saving drafts unencrypted and Enigmail sending unencrypted messages).
> Would you post links about these incidents? (My google-fu may be a
> little weak, assuming these are recent incidents.)
I may be remembering the wrong incident, but I thought the Engimail issue
was (arguably) a little less serious than that - it was sending certain
headers unencrypted, so whilst the content was still encrypted there was
additional metadata available for analysis. Not great for sure, but a
little lower on the scale than described (and if that bug were still
present, composing in a text editor still wouldn't help). Might be some
other bug though?
The claws thing was bug 2965 -
when sending a mail, the unencrypted version was written to the Queue
folder (and written to the server via IMAP) before being encrypted and sent.
I recall seeing something similar and less MUA specific as well, again
relating to the fact that drafts were being saved to the server, can't
remember where I saw that but here's an OS X specific one -
tor-talk mailing list - firstname.lastname@example.org
To unsubscribe or change other settings go to