Closed Bug 1662408 Opened 1 year ago Closed 1 year ago

Subject: of encrypted message is lost, replaced by "..."


(MailNews Core :: Security: OpenPGP, defect)



(Not tracked)



(Reporter: se, Unassigned)




(1 file)

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:80.0) Gecko/20100101 Firefox/80.0

Steps to reproduce:

I sent messages with PGP encryption and an informative Subject: meant to be seen by the receiving user.

Actual results:

The Subject: value has been replaced with just three dots: "..."

Expected results:

The subject should have become visible to the recipient, either by sending it unencrypted or hidden within the message but fetched after decryption from the message and shown in Thunderbird.

This is a defect - sending mails with Subject: intact was possible with Thunderbird+Enighmail.

Component: Untriaged → Security: OpenPGP
Product: Thunderbird → MailNews Core

Yes, Thunderbird always encrypts the subject by design. Encryption needs to be easy, and explaining to someone about headers and body having different characteristics won't make it so.

Closed: 1 year ago
Resolution: --- → INVALID

I do not object to the subject being encrypted at all.

But it should become restored and visible to the authorized recipients of the message!
But after decryption Thunderbird still shows "..." instead of the subject of the message.

This used to work correctly in Thunderbird 68 - the subject was encrypted (AFAIK) and recovered after decryption.

Now all I get is "..." in the message list and in the message pane - this makes a message archive useless if it contains encrypted messages (which cannot be searched by content word) and subject (which is "..." for all messages).

How do I select a specific message from a folder that contains hundreds of messages with just a subject of "..."?

Resolution: INVALID → ---

So instead of explaining simple email constructs, I need to explain to non-technical users why their communications with other parties have no subjects? What's simple about that? Am I supposed to tell them "because, encryption"?

This forced compliance isn't helping anyone especially when its non-standard and not widely supported.

Without the ability to select messages to reply to by subject, PGP encryption is completely useless for me.

It is paradox to put so much effort into implementing PGP in Thunderbird and then to make a change that makes productive use of encryption completely impossible.

The only workable process might be to have an external list of mails sorted by date with author and content description (since the subject used by the sender is not even available after decryption of the message) and to look-up messages in this list and select them by date in Thunderbird for display. This is absurd! (Is there really a use-case for encrypted mail that does not support look-up of received messages by subject???)

I guess I'll have to look for another MUA after having been a happy user of Thunderbird with PGP for far more than a decade ...

I believe there's been a misunderstanding here. As @mkmelin stated, encryption should include encrypting the subject by default.

The reported defect lies in the fact that upon decryption of the email, the subject is not decrypted and remains "..." meaning that as time goes by, Thunderbird gets filled with emails whose only identifiable caracteristics become the sender and the date. Unless you get a single email a day, it gets tedious.

The decryption of subjects used to work on 78 before it was considered stable, I believe 78.2 broke it but I'm not certain.

I'll try to reproduce with various versions since 78.0 to check which one introduced the regression and attach raw emails. I'll note that most people I interact with rely on Enigmail so it might that Thunderbird's subject decryption doesn't support Enigmail's way of encrypting them.

Subject is decrypted properly for me (on trunk at least).

Attached image EncryptedSubjects.png

Illustration of the issue as it relates to subjects not being decrypted.

I'm running 78.2.2 on macOS and the attached screenshot is what my inbox looks like.

Just tried bumping to 81 beta 4, subjects remain "..." after decryption.

Also see bug 1666005.

See Also: → 1666073, 1666005, 1626890
Summary: Subject: of encrypted message is lost → Subject: of encrypted message is lost, replaced by "..."

So I went ahead and checked, 78.1.1 was the last version to reliably decrypt subjects.

I took every version since 78.0, cleared the Thunderbird folder each time. After which I simply enabled OpenPGP support (for <78.2), imported my private key, imported an email I had saved, restarted Thunderbird and tried to read the imported email.

78.0 through 78.1.1 worked without issue (albeit I had to restart Thunderbird after importing the private key).
Surprisingly, 78.2 through 78.3 worked before restarting Thunderbird. But once I restarted Thunderbird, I either couldn't decrypt subjects or the entire OpenPGP support would silently fail and simply state that OpenPGP support was no available (despite being enabled when checking about:config).

Is there a MOZ_LOG options that can be enabled to debug the OpenPGP component?

I tried it multiple times, the issue seems to be fairly reliably reproducible (at least on my computer, might be some other setting interfering).

I'm using Thunderbird 78.3.2 and I cannot see the subject for sent messages - both in message list window (Sent folder contents) and in message view window it is displayed as "...".

It seems that in Thunderbird 78.3.3 it works better - the subject is initially "...", but after selecting the message the subject is replaced by the correct text. In my opinion it is still insufficient - the subject should never be "..." for my sent messages.

First of all: Thanks for integrating PGP in Thunderbird core. This will be a great improvement for us users of PGP in emails.

Unfortunately, after the upgrade to TB 78.4, my colleagues now want to disable encryption altogether - because of the encrypted subject line. We are no coders, but would really like to contribute money for this feature (please let me know if it is possible to sponsor specific work items). So far we had the encryption of the subject line disabled in Enigmail. We are totally happy with its encryption, but as said by several others above, it is important to keep it plain-text once it has been successfully decrypted.

This may not be the best place for a feature request, but it fits to closely to this discussion: Actually, we would be most happy to be able to have all decrypted emails saved in plain-text. This would be helpful for searching the content of the inbox/folders. Thus, the saving of the decrypted subject line could be part of this greater feature. Again, we would like to offer financial support for the development of this feature.

Sorry for my earlier mail: I noticed that 78.4 does indeed save the decrypted subject line! This is great.

Nevertheless, it would be great to make the encryption of the subject line optional. And to have to above mentioned feature of saving also the body in plain-text once it has been successfully decrypted (feature request!).

Anyway: A big thank-you to the devs!

We might backport bug 1675300 to the stable 78 branch in the near future.

Closed: 1 year ago1 year ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1675300

I also have this problem with thunderbird-78.7.1-r1 on Gentoo. When I save my mail for sending it later (either as draft or template), the subject line gets replaced by three dots and will not be restored later.

What's more, I have not even enabled encrypting the mail, only signing it.

You need to log in before you can comment on or make changes to this bug.