We already encrypt to our own key, when sending encrypted mails, however, we should allow to configure:

• whether to do this at all
• which key to use (in case of several keys matching for our UID)
• allow to select further keys, such as function addresses

We should further:

• indicate which keys the mail will be encrypted to in the composer window
• if set to encrypt to a key that neither belongs to a recipient, nor that we have a secret key for, ask whether that is intended (support story: User had encrypt to self. Created new key pair and deleted or lost the old secret key. Was still encrypting to that old, now non-decryptable key)