I guess we need memory hole support now...
Open, Needs TriagePublic


Thunderbird started sending around memoryhole protected messages, which results in headers being rendered as text.

The following ticket has a good description on how to deal with such emails.

I think the only usable approach will be to decrypt messages as they arrive. Otherwise things like search etc. break.
To re-secure the indexes we *should* probably encrypt the indexes using AES or something else that is fast, but for an initial implementation I don't care too much.
Use full-disk encryption if necessary.

I think the whole memory-hole idea is generally a bad idea, but we're not in control and have to deal with this somehow.

Naturally it will mean that things like IMAP search will also not work, so IMAP will just be a dumb blob store from now on (see also https://fastmail.blog/2016/12/10/why-we-dont-offer-pgp/).

fwiw, memory-hole also breaks threading (because those headers are also encrypted).