diff --git a/examples/echo_client.py b/examples/echo_client.py
index 249d748..565b041 100644
--- a/examples/echo_client.py
+++ b/examples/echo_client.py
@@ -77,9 +77,13 @@ class EchoBot(ClientXMPP):
             self.plain_reply(msg, 'This message was not encrypted.\n%(body)s' % msg)
             return None
 
+        allow_untrusted = False
         while True:
             try:
-                body = self['xep_0384'].decrypt_message(msg)
+                body = self['xep_0384'].decrypt_message(
+                    msg,
+                    allow_untrusted=allow_untrusted,
+                )
                 self.encrypted_reply(msg, 'Thanks for sending\n%s' % body.decode("utf8"))
                 break
             except (MissingOwnKey,):
@@ -100,28 +104,22 @@ class EchoBot(ClientXMPP):
                     'session I don\'t know about.',
                 )
                 break
-            except (UndecidedException,) as exn:
-                # I don't think the comment below is correct.
-                # We should be able to read the message whatever the trust
-                # state. I think we want to force a decision only when
-                # sending. I think other clients also do this. Conversations,
-                # dino, etc. Same for UntrustedException, we can just let the
-                # user know that the sender is untrusted.
+            except (UndecidedException, UntrustedException) as exn:
+                # We received a message from an untrusted device. We can
+                # choose to decrypt the message nonetheless, with the
+                # `allow_untrusted` flag on the `decrypt_message` call, which
+                # we will do here. This is only possible for decryption,
+                # encryption will require us to decide if we trust the device
+                # or not. Clients _should_ indicate that the message was not
+                # trusted, or in undecided state, if they decide to decrypt it
+                # anyway.
+                allow_untrusted = True
 
-                # We have not decided yet wether to trust the person sending
-                # us the message. We must explicitely tell slixmpp what to do.
-                # In this case, we will automatically trust. In a real
-                # application, this is where you would prompt the user to
-                # decide.
-                self['xep_0384'].trust(JID(exn.bare_jid), exn.device, exn.ik)
                 self.plain_reply(
                     msg,
-                    'Adding %(device) of %(bare_jid)s in trusted devices.' % exn,
+                    "Your device '%(device)s' is not in my trusted devices." % exn,
                 )
-                # Now that we added the device in the trust manager, we need
-                # to try and decrypt it again, (we let it loop).
-            except (UntrustedException,) as exn:
-                pass
+                # Now we let the loop go on for decrypt_message to run again.
             except (EncryptionPrepareException,):
                 # Slixmpp tried its best, but there were errors it couldn't
                 # resolve. At this point you should have seen other exceptions