Hi there, I am wondering if there is any status update on this. Would be great if SOGo had some sort of internal key management system (safe?) or could use locally installed keys to automatically decrypt these messages.

The concept seems fairly straightforward for users that only access SOGo webmail from a private computer. May be slightly more complex if it is a shared system.

This report is only about signed messages, not about encrypted ones.
So you only have to check the signature against the S/MIME public key.

And of course SOGo has to display the signed email content in the first place :-)

Well now, don't I feel like a bonehead :-) ...

Thanks for the head's up Christian.

Other workaround is reconfiguration of MS Outlook:

"Send clear text signed message when sending signed messages"

as described here: http://new.office-watch.com/2013/signed-emails-appear-blank-in-gmail/

Otherwise the message from MS Outlook will have Content-Type:

application/pkcs7-mime; name="smime.p7m"; smime-type="signed-data"

and can't be viewed in SOGo (and clients without S/MIME support).

Parameter smime-type is optional and according to RFC 5751 it is better for compatibility to use multipart/signed:

Messages signed using the multipart/signed format can always be
viewed by the receiver whether or not they have S/MIME software.
They can also be viewed whether they are using a MIME-native user
agent or they have messages translated by a gateway. In this
context, "be viewed" means the ability to process the message
essentially as if it were not a signed message, including any other
MIME structure the message might have.

Despite this, it would be nice to support also these messages, if SOGo has already support for S/MIME multipart/signed.

Hint: UI/MailPartViewers/UIxMailPartSignedViewer.m