On Thu, 28 Aug 2014, Vagrant Cascadian <vagrant@debian.org> wrote: > When sending mail from notmuch-emacs interface, I usually use pgpmine > signatures, but sometimes I want to send a signed encrypted message, so > I manually edit the mode=sign to mode=signencrypt ... but if I make a > typo, i.e. mode=signinvalidencrypt, notmuch happily and without warning > sends the mail unencrypted. > > i.e. #secure method=pgpmime mode=signinvalidencrypt will end up > sending an encrypted message (with the <>, of course). > > It seems like it should error out if the mode= is set to an invalid or > unknown value, rather than sending mail in the clear. > > I've got this set up in ~/.emacs, not sure what all else might be coming > into play: > > '(message-setup-hook (quote (mml-secure-message-sign))) > '(notmuch-crypto-process-mime t) I'm inclined to think this is a bug in message-mode. But we should probably try to see what we could do to mitigate this. As a workaround of sorts, I'd suggest not messing with the #secure tag manually. Instead, you can use mml-secure-message-sign and mml-secure-message-sign-encrypt to change the mode. BR, Jani.