You can find a list of submitted bugs at bugs.kde.org. Not all these bugs are "real", some are based on misunderstanding of features etc. Here's a real problem: KMail will not delete some temporary files if it crashes. In this case, you should cd to ~/.kde/share/apps/kmail/tmp/ and delete all the files and folders there.
Select Folder->Prefer HTML to plain text. For security reasons you should only do so for mails from trusted sources.
Simply create a symlink in your ~/Mail directory using ln -s /somewhere/Mail/mymailboxfile ~/Mail/remote. When you start KMail you will see a new folder with the name remote that contains the mails in your remote folder. If you want to add a whole remote mail directory use ln -s /somewhere/Mail ~/Mail/.remotedir.directory. For that case you also need to create a new empty folder named remotedir with KMail. The folder remotedir will then contain all remote mailbox folders as subfolders.
To really remove deleted messages from disk, you have to compact your folders. To do so automatically, open up the Settings->Configuration... window, select the Miscellaneous tab and select Compact all folders on exit. Maybe you want to select Empty trash on exit, too. This will remove all the messages in the trash folder whenever you exit KMail.
KMail provides a simple and easy to use interface for basic functions of these programs. Still you should understand how these programs work and what might make them insecure. Just one example: Trusting a foreign public key without checking it is no good idea. Another issue are attachments: As most other mail clients, KMail can encrypt your messages, but not your attachments. You have to encrypt them manually before you attach them.
Before you can use spellchecking the first time, you have to configure it. You can do so in the Composer window's menu under Settings->Spellchecker....
KMail 1.0.x: The unpatched version supports only PGP (version 2.x and 5.x). KMail will prefer version 5.x if both versions are installed. There is no way for the user to force KMail to use version 2.x in this case. There are patches for PGP6 and GnuPG support at KMail's homepage. If the GnuPG patch is applied, and GnuPG and PGP are installed, KMail will prefer GnuPG. Here is no way to force KMail to use PGP.
KMail 1.1.x: This has at least the improvements from the patches above.
If your POP3 server runs an ssh daemon, you can use ssh to tunnel your POP3 connection using the following command. (You need to be root to execute it. Alternatively, change the first port number, i.e. the first occurence of 110, to something above 1024 and configure KMail to use that port):
ssh -L 110:127.0.0.1:110 user@host
Note that this often doesn't make things more secure if your mails have already been sent through the Internet.
See the section Using other Mailbox files With KMail.
Open up the Settings->Configuration... window. Click on the Network tab. Select your account from the account list and click the Modify button. This dialog contains the Delete mail from server setting which you must not select.
The text footer is called a signature file. Select Settings->Configuration... Look in the Identity tab for the Specify signature below field. Select the radio button and type your signature below.
KMail will ask you the location of your signature file if you have checked the option Use a signature from file in the Composer tab of the Configure dialog, but have not specified a signature file in the Identity tab. You should either specify a signature file or deselect Use a signature from file.
The word wrap setting is probably turned off. Word wrap can be toggled on and off in the Composer tab of the Configure dialog.
The number of unread messages is conveniently displayed in the Folders pane after the folder name.
First you should check if your Linux/BSD/whatever distribution can do this for you. Perhaps it has already been set up during installation.
If that's not the case, you may want to have a look at the Mail Queue HOWTO or at UCT Linux User's group page on configuring sendmail for Dial-up connections.