4 files changed, 22 insertions, 8 deletions

diff --git a/alot/__init__.py b/alot/__init__.py
index 77b9d91b..548f5c4b 100644
--- a/alot/__init__.py
+++ b/alot/__init__.py
@@ -1,5 +1,5 @@
 __productname__ = 'alot'
-__version__ = '0.3.7'
+__version__ = '0.3.8.dev'
 __copyright__ = "Copyright (C) 2012-15 Patrick Totzke"
 __author__ = "Patrick Totzke"
 __author_email__ = "patricktotzke@gmail.com"
diff --git a/alot/crypto.py b/alot/crypto.py
index 5f9290fd..8efd0254 100644
--- a/alot/crypto.py
+++ b/alot/crypto.py
@@ -64,10 +64,10 @@ def get_key(keyid, validate=False, encrypt=False, sign=False,
     If validate is True also make sure that returned key is not invalid,
     revoked or expired. In addition if encrypt or sign is True also validate
     that key is valid for that action. For example only keys with private key
-    can sign. If signed_only is True make sure that the user id can be can be
-    trusted to belong to the key (is signed). This last check will only work if
-    the keyid is part of the user id associated with the key, not if it is part
-    of the key fingerprint.
+    can sign. If signed_only is True make sure that the user id can be trusted
+    to belong to the key (is signed). This last check will only work if the
+    keyid is part of the user id associated with the key, not if it is part of
+    the key fingerprint.
 
     :param keyid: filter term for the keyring (usually a key ID)
     :type keyid: str
diff --git a/alot/db/utils.py b/alot/db/utils.py
index 286e652e..373f96b1 100644
--- a/alot/db/utils.py
+++ b/alot/db/utils.py
@@ -42,9 +42,20 @@ def add_signature_headers(mail, sigs, error_msg):
         error_msg = error_msg or 'no signature found'
     else:
         try:
-            sig_from = crypto.get_key(sigs[0].fpr).uids[0].uid
+            key = crypto.get_key(sigs[0].fpr)
+            for uid in key.uids:
+                if crypto.check_uid_validity(key, uid.email):
+                    sig_from = uid.uid
+                    uid_trusted = True
+                    break
+            else:
+                # No trusted uid found, we did not break but drop from the
+                # for loop.
+                uid_trusted = False
+                sig_from = key.uids[0].uid
         except:
             sig_from = sigs[0].fpr
+            uid_trusted = False
 
     mail.add_header(
         X_SIGNATURE_VALID_HEADER,
@@ -54,7 +65,9 @@ def add_signature_headers(mail, sigs, error_msg):
         X_SIGNATURE_MESSAGE_HEADER,
         u'Invalid: {0}'.format(error_msg)
         if error_msg else
-        u'Valid: {0}'.format(sig_from),
+        u'Valid: {0}'.format(sig_from)
+        if uid_trusted else
+        u'Untrusted: {0}'.format(sig_from)
     )
 
 
diff --git a/alot/helper.py b/alot/helper.py
index 359eabdf..de57b564 100644
--- a/alot/helper.py
+++ b/alot/helper.py
@@ -397,7 +397,8 @@ def guess_mimetype(blob):
         m.load()
         magictype = m.buffer(blob)
     elif hasattr(magic, 'from_buffer'):
-        magictype = magic.from_buffer(blob, mime=True)
+        # cf. issue #841
+        magictype = magic.from_buffer(blob, mime=True) or magictype
     else:
         raise Exception('Unknown magic API')