Red Hat Bugzilla – Bug 995219
Enigmail sometimes tells me that I signed an e-mail that I did not sign
Last modified: 2014-06-09 14:05:33 EDT
Description of problem:
I've noticed that occasionally, Enigmail will tell me that a signed message from someone else has a "Good signature from Randy Barlow <firstname.lastname@example.org>". These messages will always have a signature, but not a signature from me. The signatures I've noticed this with all happen to have "unverified" signatures (because the keys aren't on my keyring and are from people on mailing lists), though that is possibly just coincidence because the people who's keys are on my keyring never send me signed e-mails.
Once Thunderbird enters this state, every single e-mail signed by anyone will say that I signed it. The only thing I've found that I can to to get it back to normal is to restart Thunderbird.
Version-Release number of selected component (if applicable):
$ rpm -q thunderbird-enigmail
$ rpm -q thunderbird
Unfortunately, this only seems to happen to be occasionally, and I haven't found a way to reliably reproduce it. It has happened to me two times so far.
Steps to Reproduce:
I did notice it happen in action just now when I sent a signed and encrypted e-mail.
1. I had an e-mail open in the background that correctly said it was signed but unverified.
2. I clicked compose, and wrote an e-mail to a colleage for whom I had a public key.
3. I selected the e-mail to be signed and encrypted.
4. When I clicked send, it sent successfully, and immediately the e-mail I had open in the background main window switched from the yellow "unverified" state to a green "Good signature from Randy Barlow" message, even though I was not the author of the message, and certainly didn't sign it.
Sorry... it seems I miss this bug report.
Does this still occur with latest version (1.6) ?
I just tried to reproduce it with 1.6, and it seems that this issue has been addressed. Thanks!