Claws Mail leaks cleartext of encrypted email to the IMAP server
With the default configuration, it leaks at least to the Drafts (according to #8986 (closed)) and Queue IMAP folders (see “PGP MIME is insecure (for me)” thread on -dev@ https://mailman.boum.org/pipermail/tails-dev/2015-February/008275.html).
Setting Elevated priority: even if we plan to replace it with Icedove, we still ship Claws Mail and those issues seem serious to me. Worst case, it can be addressed by documentation, and issueing a security advisory pointing to that doc. Existing users of Claws Mail with persistence will need to be explained how to fix their settings anyway.
- Related to #5316