[[!meta title="Claws Mail leaks plaintext of encrypted emails to IMAP server"]]
We discovered that *Claws Mail*, the email client in Tails, stores plaintext copies of all emails on the remote IMAP server, including those that are meant to be encrypted.
When sending an email, *Claws Mail* copies the email in plaintext to the sending queue of the IMAP server before encrypting the email. *Claws Mail* deletes this plaintext copy after sending the email.
*Claws Mail* stores drafts in plaintext on the server. An email can be saved as a draft either:

- Manually, by clicking on the **Draft** button when composing an email.
- Automatically, if you selected the **automatically save message to Draft folder** option in the writing preferences. This option is deselected by default in Tails.
**All users of *Claws Mail* using IMAP and its OpenPGP plug-in are affected.**
Users of *Claws Mail* using POP are not affected.
To know if you are using IMAP or POP, choose <span class="menuchoice">
<span class="guimenu">Configuration</span>&nbsp;▸
<span class="guimenuitem">Edit accounts&hellip;</span></span> and refer
to the <span class="guilabel">Protocol</span> column in the list of
Unfortunately, we have not yet been able to fix the problem automatically and for everybody. Doing so would require either modifying *Claws Mail* or migrating to a different application. Refer to the workarounds section to solve this problem in your setup, and please warn others around you.
Verify the content of your **Drafts** folder
First of all, verify the content of the **Drafts** folder on the server, either through *Claws Mail* or through the web interface of your email provider. Delete any plaintext email that might have been stored against your will in this folder until now.
Then apply one of the other two workarounds to prevent more leaks in the future.
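To help with the **Drafts** check described above, the following added example (not part of the original advisory or of *Claws Mail*) classifies raw messages as OpenPGP-encrypted or plaintext, so that leftover plaintext copies can be spotted and deleted. The function names and the sample messages are assumptions constructed for illustration; fetching the raw messages from your own account is left out so the example runs offline.

```python
import email
from email import policy

BEGIN = b"-----BEGIN PGP MESSAGE-----"
END = b"-----END PGP MESSAGE-----"

def is_pgp_encrypted(raw: bytes) -> bool:
    """True only if the whole message body is OpenPGP-encrypted."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    # PGP/MIME (RFC 3156): the top-level container declares the encryption.
    if msg.get_content_type() == "multipart/encrypted":
        return str(msg.get_param("protocol", "")).lower() == "application/pgp-encrypted"
    # Inline PGP: every leaf part must be nothing but an armored block.
    leaves = [p for p in msg.walk() if not p.is_multipart()]
    def armored(part):
        body = (part.get_payload(decode=True) or b"").strip()
        return body.startswith(BEGIN) and body.endswith(END)
    return bool(leaves) and all(armored(p) for p in leaves)

def find_plaintext(messages: dict) -> list:
    """Return the ids of messages that should not be left on the server."""
    return sorted(k for k, raw in messages.items() if not is_pgp_encrypted(raw))

# Constructed sample drafts (not real mail); armor bodies are placeholders.
ARMOR = BEGIN + b"\n\n(constructed placeholder)\n" + END + b"\n"
SAMPLES = {
    # PGP/MIME encrypted draft
    "draft-1": b'Subject: s1\nContent-Type: multipart/encrypted;'
               b' protocol="application/pgp-encrypted"; boundary="b"\n\n'
               b"--b\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
               b"--b\nContent-Type: application/octet-stream\n\n" + ARMOR + b"--b--\n",
    # Inline-armored draft
    "draft-2": b"Subject: s2\nContent-Type: text/plain\n\n" + ARMOR,
    # Plaintext draft
    "draft-3": b"Subject: s3\nContent-Type: text/plain\n\nMeet at noon.\n",
    # Plaintext draft that merely quotes an armored block
    "draft-4": b"Subject: s4\nContent-Type: text/plain\n\nFwd:\n> " + ARMOR,
}

if __name__ == "__main__":
    for name in find_plaintext(SAMPLES):
        print("plaintext on server:", name)
```

The check is deliberately conservative: a message that only quotes an armored block, or mixes readable text with one, is reported as plaintext.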
Use POP instead of IMAP
*Claws Mail* can connect to the email server using either the IMAP or POP
With IMAP, *Claws Mail* constantly synchronizes with the server and displays the emails and folders that are currently stored on the server. IMAP is better suited if you access your emails from different operating systems.
With POP, *Claws Mail* downloads the emails that are in the inbox on the server and possibly removes them from the server. POP is better suited if you access emails from Tails only and store them in the persistent volume.
To know more, see also this Yahoo! Help page on [comparing the differences between POP and IMAP](https://help.yahoo.com/kb/mail-for-desktop/compare-differences-pop-imap-sln3769.html).
POP is not affected at all by this security problem. When using POP, only encrypted emails are sent to the server. So consider switching to POP if you have an email account dedicated to your activities on Tails. To do so: