1 files changed, 21 insertions, 4 deletions

diff --git a/alot/commands/globals.py b/alot/commands/globals.py
index d234f54f..519cf2aa 100644
--- a/alot/commands/globals.py
+++ b/alot/commands/globals.py
@@ -851,8 +851,20 @@ class ComposeCommand(Command):
                     logging.debug('attaching: ' + a)
 
         # set encryption if needed
-        if self.encrypt or account.encrypt_by_default:
+        if self.encrypt or account.encrypt_by_default == u"all":
+            logging.debug("Trying to encrypt message because encrypt={} and "
+                          "encrypt_by_default={}".format(
+                              self.encrypt, account.encrypt_by_default))
             yield self._set_encrypt(ui, self.envelope)
+        elif account.encrypt_by_default == u"trusted":
+            logging.debug("Trying to encrypt message because "
+                          "account.encrypt_by_default={}".format(
+                              account.encrypt_by_default))
+            yield self._set_encrypt(ui, self.envelope, trusted_only=True)
+        else:
+            logging.debug(
+                    "No encryption by default, encrypt_by_default={}".format(
+                        account.encrypt_by_default))
 
         cmd = commands.envelope.EditCommand(envelope=self.envelope,
                                             spawn=self.force_spawn,
@@ -860,26 +872,31 @@ class ComposeCommand(Command):
         ui.apply_command(cmd)
 
     @inlineCallbacks
-    def _set_encrypt(self, ui, envelope):
+    def _set_encrypt(self, ui, envelope, trusted_only=False):
         """Find and set the encryption keys in an envolope.
 
         :param ui: the main user interface object
         :type ui: alot.ui.UI
         :param envolope: the envolope buffer object
         :type envolope: alot.buffers.EnvelopeBuffer
+        :param trusted_only: only add keys to the list of encryption
+            keys whose uid is signed (trusted to belong to the key)
+        :type trusted_only: bool
 
         """
         encrypt_keys = []
         for recipient in envelope.headers['To'][0].split(','):
+            recipient = recipient.strip()
             if not recipient:
                 continue
             match = re.search("<(.*@.*)>", recipient)
             if match:
-                recipient = match.group(0)
+                recipient = match.group(1)
             encrypt_keys.append(recipient)
 
         logging.debug("encryption keys: " + str(encrypt_keys))
-        keys = yield get_keys(ui, encrypt_keys, block_error=self.encrypt)
+        keys = yield get_keys(ui, encrypt_keys, block_error=self.encrypt,
+                              signed_only=trusted_only)
         if keys:
             envelope.encrypt_keys.update(keys)
             envelope.encrypt = True