Do not select expired or revoked keys as candidates for encryption
When looking for a valid key to encrypt a mail expired or revoked keys are considered and hence in sending encrypted only mode, schleuder does not encrypt the mail.
Schleuder2 used to filter these keys out: https://git.immerda.ch/schleuder/tree/lib/schleuder/crypt.rb#n125
Given that you might want to keep revoked or expired keys in your keyring I would suggest to filter out revoked and expired keys in https://0xacab.org/schleuder/schleuder/blob/master/lib/schleuder/plugins/resend.rb#L86
It's probably fine doing it exactly there, as it's the only place where we do not have a specific fingerprint that we're looking for, rather do the lookup based on the recipients email.