Enable Enigmail by default if a GnuPG secret key is detected

Originally created by @segfault on #15658 (Redmine)

It was reported that a user accidentally sent sensitive content via email in cleartext because they somehow lost their persistent Thunderbird settings, and when they added their email account to Thunderbird again, they forgot to enable Enigmail in the preferences, and sent a sensitive email in cleartext.

I think issues like this could be easily prevented by enabling Enigmail in Thunderbird by default (that is Account Settings -> OpenPGP Security -> Enable OpenPGP support (Enigmail) for this identity). In effect, when writing an email for which no secret gpg key was found, it will display the red warning “This message will be unsigned and unencrypted”.

This could be achieved by simply creating /etc/skel/.thunderbird/profile.default/prefs.js with this content: user_pref("mail.identity.id1.enablePgp", true);.

Attachments

Enigmail Alert No usable OpenPGP key.png

Related issues

Related to #15602 (closed)
Related to #10436 (closed)
Related to #15746 (closed)

Edited May 21, 2020 by segfault

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information