EFAIL mitigations

danielw

Daniel Waller (he/him)

Posted on May 15, 2018


As you might have heard, there is a flaw in many popular email clients that allows an attacker to decrypt PGP or S/MIME encrypted email content.

Here's the website with all of the info about the attacks: EFAIL

Let's collect mitigation techniques, especially for the clients affected by the direct exfiltration attack (Apple Mail, iOS Mail, and Mozilla Thunderbird).


Some immediate mitigations I've read about so far:

  • Turn off OpenPGP and S/MIME encryption in your mail client and use an external tool (e.g. Keybase) for encryption/decryption by copy-pasting content.
  • Disable HTML support. Only show plaintext.
  • (For Thunderbird) Leave OpenPGP encryption enabled but turn off automatic decryption/verification of messages in the Enigmail settings.

A screenshot of Thunderbird with the 'Enigmail' dropdown menu open and the selection on the menu item 'Automatically Decrypt/Verify Messages'

  • (For Thunderbird) Disallow remote content in messages.

A screenshot of Thunderbird's preferences with the 'Privacy' tab selected and the mouse cursor hovering over the checkbox 'Allow remote content in messages'

Note

The last 2 just protect you from stumbling into the attack. You can still be exploited if you accept remote content for that particular mail and/or if you manually decrypt the message.
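
The Thunderbird settings listed above end up in the profile's `prefs.js`, so they can be checked without opening the UI. The script below is an added example, not part of the original post: it parses `user_pref()` lines and reports which of the mitigations are not applied. The pref names and the defaults used when a pref is absent are assumptions about Thunderbird and Enigmail builds of that period (the Enigmail pref name in particular), and the sample `prefs.js` text is constructed.

```python
import re

# Constructed prefs.js excerpt (sample input, not taken from a real profile).
SAMPLE_PREFS = '''\
// Mozilla User Preferences
user_pref("mailnews.display.html_as", 1);
user_pref("mailnews.display.prefer_plaintext", true);
user_pref("mailnews.message_display.disable_remote_image", false);
user_pref("mail.server.server1.name", "alice@example.org");
'''

# pref name -> (assumed default when absent, value matching the mitigation, label)
CHECKS = {
    "mailnews.display.prefer_plaintext": (False, True, "show message body as plain text"),
    "mailnews.display.html_as": (0, 1, "convert HTML parts to plain text"),
    "mailnews.message_display.disable_remote_image": (True, True, "block remote content"),
    # Assumed Enigmail pref behind 'Automatically Decrypt/Verify Messages'.
    "extensions.enigmail.autoDecrypt": (True, False, "no automatic decryption"),
}

PREF_LINE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')

def parse_prefs(text):
    """Return {name: value} for every user_pref() line; values become bool/int/str."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_LINE.match(line)
        if not m:
            continue  # comments and blank lines
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw.strip('"')
    return prefs

def audit(text):
    """Return (pref, effective_value, label) for each mitigation that is not applied."""
    prefs = parse_prefs(text)
    findings = []
    for name, (default, wanted, label) in CHECKS.items():
        value = prefs.get(name, default)  # prefs left at default are not written to prefs.js
        if value != wanted:
            findings.append((name, value, label))
    return findings

if __name__ == "__main__":
    for name, value, label in audit(SAMPLE_PREFS):
        print(f"NOT APPLIED: {label} ({name} = {value!r})")
```

Run it against a copy of `prefs.js` taken while Thunderbird is closed, since the file is rewritten on exit.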
