End to End Encryption on by default

[mkgtu]

I mentioned this in the bug report about orange contact chips, but it may have been overlooked.

Since the last update, the E2E is turned on in the account settings, but I NEVER TURNED IT ON MYSELF. Wouldn't have done so because I never use it - don't even know where or how to get a certificate.

Must have been turned on "by default". Ideally it should be "off" by default. And of course since it's on, there are the options under the "to" field in the compose window to turn off digital signing and encryption for each email.

Maybe it would be better for most just to use the options available in the compose window to turn "on" digital signing or encryption for a new message (if desired) while leave these turned off globally. I know I reply to a lot of commercial senders (magazines, notices from health provider, casual aquaintances),  none of whom would have certificates to be able to read my replies - if I forget to turn off those options.

But basically if these options were turned on for accounts by default in the recent update, some users may not be aware of that - until it's too late.


Sent from my SM-G975U using Tapatalk

[Justin]

Can confirm this issue.

[mkgtu]

Posted similar comment on Google Play and got developer response that E2E is not turned on by default.

Could be. All I know is that after the latest update both the digital sign and S/Mine switches were toggled "on" and I didn't do it.

I've also never added any "certificates", so maybe if you have no certificates and the switches are toggled on, nothing actually happens, nothing gets encrypted anyway? All mail just gets sent normally? Don't know.

Sent from my SM-G975U using Tapatalk

[mkgtu]

Answered my own question. If the E2E is on and you don't have a certificate, you get a warning and a choice to either add a certificate or send without encryption.

This is the first time I've tried to send an email since the recent update. Had never seen this alert before — because I never had the encryption turned on before!

Sent from my SM-G975U using Tapatalk

[phred]

Using 1.30.0-1826

Can confirm that 'encrypt and sign all outgoing email' is on by default. Or at least the update containing E2E turned it on for all eight of my accounts.

So in addition to the bug where the recipients of a new message are in red/orange, E2E should -not- be on by default. I have never installed a certificate, nor did I turn on the E2E options. Yet they were on. 

[Justin]

Same on all our devices.

[Martin, Aqua Mail Support]

Hi everyone,

We revisited this and found that under specific conditions the update from 1.29 -> 1.30 will change the default state of the S/MIME Sign & Encrypt options to ON. We will make changes to resolve this in our maintenance release coming up.

Thank you for your reports!

@mkgtu - I will update my review reply so that other users are aware of this as well.

Martin

[Nedialko Kondev, MobiSystems, AquaMail Support]

Hi all,

It's fixed in the beta version:
https://www.aqua-mail.com/forum/index.php?topic=8187.0

Regards,
Nedialko