Conclusion

The main problem is user's education:

signs of the attack are visible,

but their consequences are ignored.

Must follow the set up of an organization permitting:

distribution of public keys

servers' keys to users
a web server with signatures of public keys

users' keys on accessed servers
a mailing-list permitting deposit of keys

Thanks to Dug Song for the work he achieved
and for the conscientiousness those tools permit.

Thanks to Ghislaine Labouret for review :)