I guess we need memory hole support now...
Closed, ResolvedPublic


Thunderbird started sending around memoryhole protected messages, which results in headers being rendered as text.

The following ticket has a good description on how to deal with such emails.

I think the only usable approach will be to decrypt messages as they arrive. Otherwise things like search etc. break.
To re-secure the indexes we *should* probably encrypt the indexes using AES or something else that is fast, but for an initial implementation I don't care too much.
Use full-disk encryption if necessary.

I think the whole memory-hole idea is generally a bad idea, but we're not in control and have to deal with this somehow.

Naturally it will mean that things like IMAP search will also not work, so IMAP will just be a dumb blob store from now on (see also https://fastmail.blog/2016/12/10/why-we-dont-offer-pgp/).

fwiw, memory-hole also breaks threading (because those headers are also encrypted).

cmollekopf closed this task as Resolved.May 22 2020, 1:05 PM
cmollekopf claimed this task.

We have read-only memory hole support and decrypt messages on sync for local search support.