Outlook Express/Windows Mail can go to hell

aberry@uoguelph.ca's picture

I finally decided to switch to using S/MIME certificates for my email versus PGP. It seems to play much nicer with most mail clients, as users have to do *nothing* to see that my message is signed. As a plus, whenever I sign a message users get a copy of my certificate, meaning they can instantly encrypt a message to me if needed.

Except for fscking Windows Mail.

I loaded it up on my Vista box just to make sure that it didn't do anything horrible. I set up my IMAP account and clicked on signed messages. "Oh, this is actually good!" It doesn't display the message, but in the message pane it shows a message explaining what a signed message is very clearly and explains what any errors might mean in verification. You can then proceed to the message or tell it to never show the help again.

The message shows up properly, and luckily, because I'm paranoid, I hit the Reply button. "What's this? Why is OE trying to sign this message? I don't have an ID set up on this computer?" When replying to a signed message, OE/Windows Mail will by default try to sign the message, even if the user doesn't have a certificate. And there is no way to turn this off!

What's Microsoft's solution? Manually disable signing for every message you reply to or forward.

The worst part is that even if all users were using Windows Mail on Vista, if only one didn't have a cert, they would have to deal with this crap.

Just another example of how Microsoft sets users and their security back a decade.