I just noticed in the debug log there is the full content of a regular (i.e. non-signed, non-encrypted) mail holding sensitive information, even though I didn't activate the option "Inkl. Mail inhalten (entschlüsselt!) und Meta-Informationen" (i.e. including mail content (decrypted!) and meta information).
Log level was set to "+Speicher Analyse" (+memory analysis).