-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
I've checked it again. Write, wait it to be saved, close and open your email via web-mail. And thats my draft in cleartext on mailtor.net server:
Testing draft.
Icedove 17.0.10 Enigmail 1.6 TorBirdy 0.1.2
That's it.
Nima Fatemi:
It doesn't have anything to do with TorBirdy.
I did not say it is TorBirdy fault.
But yes it has everything to do with TorBirdy. It is an anonymity and security tool and tries avoid leaks. Maybe you just don't see it as a leak.
Anyway the users must know it may happen.
All you really have to do, is to have Encryption on by default in Enigmail. Your drafts are now going to be encrypted. Problem solved!
Sukhbir Singh:
By default, Enigmail saves an encrypted copy of the message. This is the default setting [1] and I think it also confirms this when it saves an encrypted message for the first time. TorBirdy does not modify this setting so it should be enabled by default for Enigmail.
Enigmail asks to save an encrypted draft *only when you enable encryption* to that message. If you forget to set the encryption and write it will be saved in cleartext without asking anything.
When you are sending the email Enigmail asks if you really wanna send unencrypted, but the draft already have been sent unencrypted on the IMAP server.
Enigmail should ask *always* when saving a draft remotely. Even locally it should.
And TorBirdy should help prevent this to happen.
griffin@cryptolab.net:
Now Thunderbird is set to *not* automatically create/save drafts. Works like a charm. =)
That should be default set by both Enigmail and TorBirdy. Also should set to save locally, instead of remotely, if the user wants to save a draft.
- -- arkmd DeepBlog | A verdade nua crua e distorcida http://xzzpowtjlobho6kd.onion/
OpenPGP Public Key: http://xzzpowtjlobho6kd.onion/arkmd.asc 4096R: 0461 DF2C B6B7 6059 7529 77E0 04CD FE83 766B 8DA6