Just published the below advisory describing an issue with Mail.app and a solution. I comment on the flaw on my blog: http://enablesecurity.com/2008/10/03/apple-mailapp-security-advisory/ An up to date version of the advisory can be found: http://resources.enablesecurity.com/advisories/apple-mailapp-smime.txt The advisory was first published on EnableSecurity Newsletter. If you'd like to subscribe then send an email to newsletter (at) enablesecurity (dot) com [email concealed] ..... Apple's Mail.app stores your S/MIME encrypted emails in clear text Date published: 2008-10-03 Affected version: 3.5 (929.4/929.2) Unaffected version: Unknown Summary: Apple Mail.app does not store S/MIME encrypted emails securely in the Drafts directory on server. Impact: The assumption that the server does not have access to the email content is violated. Description: Apple's Mail.app is the default email application that comes with Mac OS X machines. It supports S/MIME as standard for encryption and authentication of emails. However by default Mail.app also has an option called "Store draft messages on the server" when you are making use of an IMAP or Exchange server. The assumption when making use of S/MIME is that no one except you and the recipient of the email can view your encrypted email - end to end encryption. Emails are stored in encrypted form on the server and therefore should not be read by anyone having access to the email server, thus preventing Man in the Mirity attacks. What the "Store draft messages on the server" option does is store a clear text version of the email, until the email is sent. The problem with this option is that it defies the assumption that the email is encrypted on the server. This can therefore lead to a false sense of security and information leakage, which is exactly what people making use of S/MIME want to prevent. Solution: Go to the Preferences and select the account from the accounts tab Select the "Mailbox behaviors" tab Uncheck the option "Store draft messages on the server" Finally, make use of a UPS or similar technology to prevent loosing your unsaved emails in case of a power interruption or failure. Mozilla's Thunderbird on Mac OS X is not vulnerable by encrypting the drafts before they are sent to server. This may also be a way to mitigate this issue without sacrificing usage of the "Drafts" folder. Timeline: Aug 14, 2008: Initial email to Apple's security contact product-security (at) apple (dot) com [email concealed] Aug 15, 2008: Was assigned a follow-up id and the security team asked me for more information. Aug 17, 2008: Provided full information and explained that this security issue defies the assumption that with S/MIME email is stored securely on the server. Sep 11, 2008: Sent a follow-up email to the Apple security team without any response Sep 16, 2008: Another attempt to contact the Apple security team. Sep 19, 2008: Received a response from Apple letting me know that: "A complete solution for the issue may involve significant architectural changes, so at this time it's difficult to estimate the timeframe or release vehicle for a fix." DISCLAIMER The information in this advisory is provided by EnableSecurity as a courtesy and without any representations or warranties. Recipients are advised to conduct their own investigation and due diligence before relying on its contents.