If we do not have additional information that a mail was actually from the claimed sender, we should not show this as prominent information, as it's no less secure than any other mail.
IMO we could eliminate the red and yellow frames and put signature information / details in the header. Especially the red for an invalid signature hurts usability, as no attacker would create an invalid signature but rather remove the signature altogether, so it's basically always a technical problem and not an attack. But users are confused and feel more insecure if they see a mail in blood red than just an unsigned mail.
With TOFU, trust builds over time / communication. So when you receive the first 10 mails which are signed by me, KMail should present them just like other unsigned mails. Once we are over a certain threshold (currently 10 messages in GnuPG) we have the information "OK, this is the same key that was used already for 10 mails, so there is an indication that the mail actually comes from that sender." And this information should then be shown. This avoids the problem that we have to visualize the "trust building" phase in TOFU.
We should mark a signed mail with a valid key as signed, of course (but probably less annoying than the current green background), as ideally signed mails would be the usual case.
My personal preference would be just to show the signed / encrypted block start and end marker and not color the background.
In my opinion this should always be changed though and not just when TOFU is used.
Sandro / Dan: Do you agree with that? I think we could already change that behavior, as it is unrelated to other things. (Well, the new Details Dialog might help in the signed but not trusted case.)