Skip to main content

Tags Apple

Apple Mail.app: S/MIME encrypted emails stored in clear text

Published on Oct 3, 2008 in ,

  • Affected version: 3.5 (929.4/929.2)
  • Unaffected version: Unknown

Summary

Apple Mail.app does not store S/MIME encrypted emails securely in the Drafts directory on server.

Impact

The assumption that the server does not have access to the email content is violated.

Description

Apple’s Mail.app is the default email application that comes with Mac OS X machines. It supports S/MIME as standard for encryption and authentication of emails. However by default Mail.app also has an option called “Store draft messages on the server” when you are making use of an IMAP or Exchange server.

Read more about Apple Mail.app: S/MIME encrypted emails stored in clear text

Subscribe

Receive high-quality, low-volume RTC security research, news and occasional updates about what we're up to.

Interested in our services? Let's collaborate.
Get in touch

We hate spam and are committed to protecting and respecting your privacy. You can unsubscribe from our communications at any time. By subscribing, you are agreeing to the Privacy Policy.