Insecure security

I'm about to spend a reasonable amount of time, effort and money on installing some software for around a dozen users to cope with the demands of one of our clients' use of encrypted S/MIME email. Whilst there is a Firefox browser plug-in that supposedly supports S/MIME, we've taken the decision to install a standalone package to cope with un-encoding. But it's a fairly pointless exercise all round.
S/MIME seems to have been developed solely to address the adage that an email is only as secure as sending information on a postcard. S/MIME puts your postcard in an envelope.
The problem I have with this is that it gives an illusion of security that leads to ill-thought actions. I'm sure that you wouldn't send a large amount of money stapled to the back of an envelope. But then I'm sure you wouldn't just bung it in an envelope either. You'd want to know it was going to the person for whom it was intended.
The security issue with all the S/MIME we've been receiving is that it can be un-encoded by anyone… anyone can open the envelope. So it gives an illusion of security to the non-technical folks who use it that is but a mirage.

3 thoughts on “Insecure security”

  1. You seem to mix up digital signing and encryption. When a message is S/MIME signed, it can be opened by anyone. S/MIME signing provides authentication and integrity. S/MIME encryption provides confidentiality and requires the correct private key to decrypt the message.
    Martijn Brinkers

    Djigzo open source email encryption

  2. Thanks for the info Martijn.
    Makes sense as to why we can decode without identity… but I still think that the users at the client end aren't understanding what they are doing, as not everything is encoded and they only seem to use S/MIME when messages are seen as more “sensitive”…
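
Added example, not part of the post or its comments: the signing versus encryption distinction raised in the first comment can be checked on received mail by reading the outer MIME headers. The sample messages are constructed, and the function and constant names are hypothetical.

```python
from email import message_from_string
from email.utils import collapse_rfc2231_value

SIG_PROTOCOLS = {"application/pkcs7-signature", "application/x-pkcs7-signature"}
PKCS7_MIME = {"application/pkcs7-mime", "application/x-pkcs7-mime"}
SMIME_TYPES = {  # smime-type parameter values defined in RFC 8551
    "enveloped-data": "encrypted", "authenveloped-data": "encrypted",
    "signed-data": "signed-opaque", "compressed-data": "compressed",
    "certs-only": "certs-only"}

def _param(msg, name):
    value = msg.get_param(name)
    return collapse_rfc2231_value(value).lower() if value else ""

def classify_smime(raw):
    """Classify the outermost MIME layer only; encryption may wrap a signed layer."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype == "multipart/signed" and _param(msg, "protocol") in SIG_PROTOCOLS:
        return "signed-clear"  # body travels as ordinary readable MIME
    if ctype in PKCS7_MIME:
        # Without smime-type a .p7m may be signed or enveloped: report unknown.
        return SMIME_TYPES.get(_param(msg, "smime-type"), "pkcs7-unknown")
    return "not-smime"

def text_readable_without_key(raw):
    """Return the body anyone can read from a clear-signed message, else None."""
    if classify_smime(raw) != "signed-clear":
        return None
    first_part = message_from_string(raw).get_payload()[0]
    return first_part.get_payload().strip()

# Constructed samples; the signature and ciphertext bytes are dummy base64.
CLEAR_SIGNED = """\
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="b1"

--b1
Content-Type: text/plain

Quarterly figures attached.
--b1
Content-Type: application/pkcs7-signature; name="smime.p7s"

AAAA
--b1--
"""
ENCRYPTED = """\
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"

AAAA
"""
print(classify_smime(CLEAR_SIGNED), classify_smime(ENCRYPTED))
```

A result of `signed-clear` or `signed-opaque` means the content has integrity and origin protection but no confidentiality; only `encrypted` requires a recipient private key to read.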
