It is a workaround in case a mail has to many/large attachments to show them in Outlook, to drag it into the filesystem. There it is stored as a .msg file.
If opened from there, all the attachments are shown but the signature of the mail is not displayed in the ribbon any more. It is shown in the header, where it displays the trust level.
Here a picture for a minimal testcase without attachments:
I have analyzed this. In the ribbon we get a mailitem OOM object as reference, but that can be a different pointer then the one we used for decryption / verification. Our trick for this was to assign mailitems a custom uuid property and then look for that from the riboon pointer so that we can update accoringly with our internal Mail object representation.
This does not seem to work for Mails which are in the file system, they seem to have a reduced set of MAPI properties and although it does not give us an error when we set it, i can see in outlook spy that it is not set. So the "ribbon" does not find the Mail and so it assumes that it is insecure. (The categories are updated though).
I only later realized that there is already something in Outlook that can be used as a UUID though. Which is the "EntryID" at least I think that I could use it and that it is unqiue. The Mail in the filesystem has an EntryID and we could access it from both sides. I actually thought about doing this some time ago already because I found it better to reuse an Outlook ID instead of our own custom MAPI property. I belive this would fix the issue.