From RFC8551: S/MIME provides a consistent way to send and receive secure MIME data. Digital signatures provide authentication, message integrity, and non-repudiation with proof of origin. Encryption provides data confidentiality. Compression can be used to reduce data size.

The main spec. S/MIME says to be fully backwards compatible, so older specs can be ignored

• RFC8551: Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Message Specification
• RFC8550: Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Certificate Handling

There are many RFCs which specify additional compression and signing algorithms:

• RFC8755: Using Commercial National Security Algorithm Suite Algorithms in Secure/Multipurpose Internet Mail Extensions
• RFC7114: Creation of a Registry for smime-type Parameter Values (IANA)
• RFC7107: Object Identifier Registry for the S/MIME Mail Security Working Group
• RFC6664: S/MIME Capabilities for Public Key Definitions
• RFC5754: Using SHA2 Algorithms with Cryptographic Message Syntax
• RFC5114: Additional Diffie-Hellman Groups for Use with IETF Standards
• RFC4490: Using the GOST 28147-89, GOST R 34.11-94, GOST R 34.10-94, and GOST R 34.10-2001 Algorithms with Cryptographic Message Syntax (CMS)
• RFC4262: X.509 Certificate Extension for Secure/Multipurpose Internet Mail Extensions (S/MIME) Capabilities

Other related RFCs:

• RFC9216: S/MIME Example Keys and Certificates
• RFC8162: (Experimental) Using Secure DNS to Associate Certificates with Domain Names for S/MIME
• RFC7912: Message Authorizing Email Header Field and Its Use for the Draft and Release Procedure (MMHS-Authorizing-Users header)
• RFC7508: (Experimental) Securing Header Fields with S/MIME
• RFC7281: Authentication-Results Registration for S/MIME Signature Verification
• RFC4134: Examples of S/MIME Messages

The best way to implement S/MIME in MailBox would be to integrate an existing S/MIME implementation for Perl into the infra. Or, to learn from these existing implementations.

At the moment (April 2025) CPAN lists

• Crypt::SMIME
• Crypt::Simple::SMIME
• Crypt::OpenSSL::SMIME
• OpenCA::OpenSSL module OpenSSL::SMIME
• Mail::Milter::Authentication::Handler::SMIME
• Crypt:SMimeEngine

The Milter filter seems to demonstrate how to use Crypt::SMIME in read code.