Beware of Thunderbird 78 attaching keys
Oct 13th, 2020
This is a warning about Thunderbird version 78 and later versions:
Please be aware that since version 78, Thunderbird by default attaches your public key to every outgoing, signed email. With normal emails this is not a problem. With emails to a schleuder-list that contain X-RESEND it’s different though: it reveals the public key of the actual sender, which probably leaks information about your email address and maybe name to the recipients.
To prevent that, please de-select
Attach My Public Key from the
Options-menu in each X-RESEND email.
As of now there is no option to generally disable attaching your key. It has already been wished for, though.