diff --git a/src/imex.rs b/src/imex.rs
index 0c8b4e525..55ef80fec 100644
--- a/src/imex.rs
+++ b/src/imex.rs
@@ -827,7 +827,7 @@ mod tests {
     use crate::key;
     use crate::pgp::{split_armored_data, HEADER_AUTOCRYPT, HEADER_SETUPCODE};
     use crate::stock_str::StockMessage;
-    use crate::test_utils::{alice_keypair, TestContext};
+    use crate::test_utils::{alice_keypair, TestContext, TestContextManager};
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_render_setup_file() {
@@ -1133,6 +1133,7 @@ mod tests {
         alice2.configure_addr("alice@example.org").await;
         alice2.recv_msg(&sent).await;
         let msg = alice2.get_last_msg().await;
+        assert!(msg.is_setupmessage());
 
         // Send a message that cannot be decrypted because the keys are
         // not synchronized yet.
@@ -1150,4 +1151,25 @@ mod tests {
 
         Ok(())
     }
+
+    /// Tests that Autocrypt Setup Messages is only clickable if it is self-sent.
+    /// This prevents Bob from tricking Alice into changing the key
+    /// by sending her an Autocrypt Setup Message as long as Alice's server
+    /// does not allow to forge the `From:` header.
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_key_transfer_non_self_sent() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = tcm.alice().await;
+        let bob = tcm.bob().await;
+
+        let _setup_code = initiate_key_transfer(&alice).await?;
+
+        // Get Autocrypt Setup Message.
+        let sent = alice.pop_sent_msg().await;
+
+        let rcvd = bob.recv_msg(&sent).await;
+        assert!(!rcvd.is_setupmessage());
+
+        Ok(())
+    }
 }
diff --git a/src/mimeparser.rs b/src/mimeparser.rs
index 801fa8ae2..5f2d41bc0 100644
--- a/src/mimeparser.rs
+++ b/src/mimeparser.rs
@@ -510,7 +510,7 @@ impl MimeMessage {
 
     /// Parses system messages.
     fn parse_system_message_headers(&mut self, context: &Context) {
-        if self.get_header(HeaderDef::AutocryptSetupMessage).is_some() {
+        if self.get_header(HeaderDef::AutocryptSetupMessage).is_some() && !self.incoming {
             self.parts.retain(|part| {
                 part.mimetype.is_none()
                     || part.mimetype.as_ref().unwrap().as_ref() == MIME_AC_SETUP_FILE