Interesting responses! Thanks. Kyle's idea of doing GPG on-the-fly decryption is interesting. But my question was, exactly what files do you need to decrypt? Obviously there are the config files, and the header cache, and the body cache if you have it turned on. Does mutt write information to any other files? Mutt would need to be configured so that all files that it writes to are located in a GPG-encrypted directory, including even any temporary files that mutt deletes when it quits.
Yes, I can see that disk encryption may be the way to go for a laptop. But the world of full disk encryption still looks quite complicated to me right now. TrueCrypt may be the way to go. The new version of Ubuntu gives you the option to encrypt your homedir when you install it. I haven't looked into how this works, and whether temp directories and swap space etc. are also encrypted.

I like the idea of keeping your data off your laptop in the first place. If you have a remote server (either in your home or controlled by someone else) then you can ssh into it from any machine and run mutt. If you always do your email this way your laptop should more or less be clean, ignoring the possibility of people attacking your RAM and that sort of thing. (Let's call that _too_ paranoid for now.)

I think if you used a remote server and additionally used GPG on-the-fly decryption for all files that mutt writes on the server that might be pretty safe. It could also be pretty convenient, having access to the same mutt setup from any machine, and you could even download the emails to the server and run mutt over a local maildir instead of IMAP, as long as you encrypt the maildir as well.
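
One way to check the requirement raised above, that every file mutt writes sits inside the encrypted directory, is to audit the muttrc itself. This is an added example, not part of the original post: the variable list is a selection of mutt's path settings (not exhaustive), the defaults are mutt's documented ones, and the sample muttrc and paths are constructed.

```python
import os
import re

# mutt variables naming local files/directories that mutt writes to, with the
# value mutt uses when the variable is unset (None = feature disabled).
# A selection only; mailbox paths such as $record are not covered here.
DEFAULTS = {
    "tmpdir": "/tmp",                        # assumes $TMPDIR is not set
    "header_cache": None,
    "message_cachedir": None,
    "history_file": "~/.mutthistory",
    "certificate_file": "~/.mutt_certificates",
}
ASSIGN = re.compile(r'(\w+)\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|(\S+))')

def parse_set_lines(muttrc_text):
    """Collect var=value pairs from 'set' commands; later lines win."""
    values = {}
    for line in muttrc_text.splitlines():
        line = line.strip()
        if line.startswith("set "):
            for m in ASSIGN.finditer(line[4:]):
                values[m.group(1)] = next(g for g in m.groups()[1:] if g is not None)
    return values

def audit(muttrc_text, encrypted_root, home):
    """Return {var: path} for each write location outside encrypted_root.
    Purely lexical: symlinks are not resolved; relative paths are flagged."""
    root = os.path.normpath(encrypted_root)
    values = parse_set_lines(muttrc_text)
    outside = {}
    for var, default in DEFAULTS.items():
        raw = values.get(var, default)
        if not raw:
            continue                          # cache disabled, nothing written
        if raw == "~" or raw.startswith("~/"):
            raw = home + raw[1:]
        path = os.path.normpath(raw)
        if not os.path.isabs(path) or os.path.commonpath([root, path]) != root:
            outside[var] = path
    return outside

SAMPLE = """\
# constructed sample muttrc
set header_cache = "~/secure/mutt/hcache"
set message_cachedir=~/.cache/mutt/bodies
set history_file=~/secure/mutt/history
"""
if __name__ == "__main__":
    for var, path in audit(SAMPLE, "/home/alice/secure", "/home/alice").items():
        print(f"{var}: {path} is outside the encrypted directory")
```

The check only covers paths named in the muttrc; files written by the external editor, and swap, are outside what it can see.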