[prophesi]

At the very least, I can confirm that ProtonMail and Apple's Mail clients let you search through the message contents of encrypted email. I'm sure there's a performance hit, and admins wouldn't be able to search through the encrypted emails of their Workspace users, but that's a much more reasonable tradeoff.

[londons_explore]

I'd be interested to know the implementation... Most search-over-encrypted-documents implementations either don't scale well (eg. require the client to do all the indexing and upload the encrypted index), or have reduced privacy (allowing the server to infer which words are in which document).

[JoshTriplett]

> require the client to do all the indexing and upload the encrypted index

Or just require the client to do the indexing and the searching, and not upload the index anywhere.

[prophesi]

Yep. Not sure how Apple/Proton implement it, but that's exactly what Tutanota does. https://tutanota.com/blog/posts/first-search-encrypted-data

[londons_explore]

And when you log in from a new device...? Do you now need to wait days while 1000,000 emails from the last decade are all downloaded and indexed?

[prophesi]

That's an issue with or without client-side encryption. Even with IMAP, you have to download the message before its contents can be searched. While subject/sender/recipient can be searched instantly with IMAP, regardless of encryption.

[pseudalopex]

This is a limitation of your client or server. Not IMAP.

[prophesi]

No, it's a limitation by IMAP that is rectified by the server/client.

[pseudalopex]

Maybe if you have that many emails and 3G only and can't load a backup for some reason.