The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their lo- cal disk. Doing so allows users to gain the benefit of reg- ular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confidentiality and integrity of the email stored therein. Although users could employ an end?to?end en- cryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common oper- ations, such as server?side search. To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy?preserving search of that email collection. Our solution encrypts email (the head- ers, body, and attachments) as it arrives on the server us- ing public?key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transpar- ent to both the sender and recipient. This work was partially supported by the National Science Foundation through Grant ITR CNS-04-26623. all work done at the Network Security Lab at Columbia University Department of Computer Science