The iPhone is no stranger to gaping security flaws, but this one's a doozy: You know how when you delete emails, you expect them to be, well, deleted? On iPhone OS 3.0, that's just not how things work. This is bad.
You can watch the whole insincere deletion process play out above, but here's a handy guide so you can follow along at home. Turn off your device radio and Wi-Fi connection for maximum OH GOD:
1.) Find a message with a memorable subject line, and delete it.
2.) Go to your trash, and remove the message from there.
3.) Check whatever IMAP folders may be listed on your device—this works with POP too—and make sure your message is really not
4.) Flick over to the main Spotlight search screen, and search for the subject line on that message that shouldn't exist.
5.) Be shocked and confused when you find that not only can you see the subject line in a simple search—you can still view the entire message. Your email-based illicit affairs are ruined.
I've tested this, and it works. I even restarted my iPod for good measure, and the message was still in the index, and still accessible by search, despite not appearing anywhere in the main Mail interface. As far as I can tell, there is no way to completely delete emails from iPhone OS 3.0, which isn't just strange, it's a disastrous security flaw.
Still, a few things don't really add up here. The video submitter says he can find emails from months ago, but surely this would result in creeping storage consumption, and has to stop sometime. I mean, doesn't it? And even if these messages are just hiding out in some secret folder or something, and can be deleted by some obscure method, this isn't how a mail client should behave, at all.
Try this yourselves and see if you can find any clues as to what's going on here: I'm as alarmed as I am stumped.
UPDATE: An internal tipster has provided us with proof that Apple is fully aware of this issue and will probably be including a fix in iPhone OS 3.1. Additionally, there are a number of ways to delete the messages from the index—for some, waiting works; for me, even restarting didn't—but the fact remains that deleted emails are left, for some time, fully accessible.
Richard from 148Apps has this workaround, which seems to work fine:
From my messing around with email, the message actually disappears after viewing it a few times. At first I thought the email disappeared after deleting it a few times but I simply viewed the messages about 3 or 4 times and it disappeared.