If you decrypt ciphertext to the terminal like this:
gpg --output - --armor --encrypt --recipient 23642351 message.txt.pgp
..does it touch the hard drive / ssd or only live in RAM?
What about when Thunderbird decrypts a message - does the plaintext touch the hard drive or only live in RAM?
Thunderbird stores everything encrypted with your own public key even copies of the sent mail which went out encrypted with other people's public keys, and it lets something live for five or ten minutes as plaintext before it will ask you for the password to your private key again to view something. The question is, during those five or ten minutes, has it saved it as plaintext on the hard drive?
I know from recovering text files from the hard drive that anything you delete stays floating around on there for a while whereas anything in RAM will disappear the moment the power is switched off.