Mozilla Connect

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

Similar idea here: Feature-Request: Encrypt if possible 

Given the encrypt process that encrypts the email includes the attachments ie the entire body of the email which includes attachments and included items like embedded images, I am not sure why you would want to encrypt your files separately,  attach them and encrypt them again.  Are you concerned the email encryption is not secure, so you need to encrypt the files using a different key?

@MattAuSupport

I was testing out of curiosity, sending encrypted mail to myself, from outlook to protonmail and vice versa, and found out that the attachments are sent unencrypted.

(I deleted the private keys in thunderbird, and obviously it wouldn't let me see the message, but the files yes)

And it is at this point that I have to disagree.  When an email is transmitted.  There is no such thing as an attachment.  Attachments came long after email, and by that time email had message bodies in plain text.  The solution was to include the attachments in the message body,  also in plain text.

This does present something of an issue as some files are binary and can not be represented as plain text,  so the MIME specification was developed and we got multi part mime messages.  A "part" can be an image or even the text of the message body.  More importantly for his discussion, it can also be an attachment encoded using the MIME specification.  This takes binary objects and converts them to a text representation of the original information.

So when you click send the first thing that happens is the email body is encoded in MIME,  including attachments.  The difference between them and say an image in the message body is the "part" is designated as an attachment.   The "part" header below is for an image included in an email in my inbox,  the content disposition is "inline" so it does not appear in the attachment list.

Content-Type: image/png;
	name="70E9E663111D4C75A54467E1C1685013[1072460399].png"
Content-ID: <image001.png@01D82B37.B8419110>
Content-Transfer-Encoding: base64
Content-Disposition: inline;
	filename="70E9E663111D4C75A54467E1C1685013[1072460399].png"

Now I have gone through all this process because if you can "see" the attachment in an email that is encrypted,  then the message has already been decrypted to allow you to see the message body and the mail client can see it has attachments. There is no further decryption required.  The attachments were sent encrypted,  but the message body is no longer encrypted, therefore the attachments as part of that message body are also now decrypted.  

Until your message is decrypted, the mail client has no idea if the message even has an attachment.  So assuming the attachments are sent unencrypted after the message including the attachments are decrypted is a fallacious argument.

If you are using the Proton mail bridge to get mail from Proton,  all bets are off.  What they do or do not do in their software is not something I am aware of.  They do however publish the source code of the bridge if you wanted to check what it does. https://github.com/ProtonMail/proton-bridge

While testing,  send encrypted mail to an address you have no certificates for and see if you feel the link to their website that is sent instead of the email meets your needs.