diff --git a/src/ssl.c b/src/ssl.c
index 57ef9e9f5..eba18e1e7 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -62257,6 +62257,8 @@ int wolfSSL_PKCS7_verify(PKCS7* pkcs7, WOLFSSL_STACK* certs,
     unsigned char* mem = NULL;
     int memSz = 0;
     WOLFSSL_PKCS7* p7 = (WOLFSSL_PKCS7*)pkcs7;
+    static const char contTypeText[] = "Content-Type: text/plain\r\n\r\n";
+    int contTypeLen;
 
     WOLFSSL_ENTER("wolfSSL_PKCS7_verify");
 
@@ -62287,8 +62289,21 @@ int wolfSSL_PKCS7_verify(PKCS7* pkcs7, WOLFSSL_STACK* certs,
         return WOLFSSL_FAILURE;
     }
 
-    if (out != NULL)
-        wolfSSL_BIO_write(out, p7->pkcs7.content, p7->pkcs7.contentSz);
+    if (flags & PKCS7_TEXT) {
+        /* strip MIME header for text/plain, otherwise error */
+        contTypeLen = XSTR_SIZEOF(contTypeText);
+        if ((p7->pkcs7.contentSz < (word32)contTypeLen) ||
+            (XMEMCMP(p7->pkcs7.content, contTypeText, contTypeLen) != 0)) {
+            WOLFSSL_MSG("Error PKCS7 Content-Type not found with PKCS7_TEXT");
+            return WOLFSSL_FAILURE;
+        }
+        p7->pkcs7.content += contTypeLen;
+        p7->pkcs7.contentSz -= contTypeLen;
+    }
+
+    if (out != NULL) {
+        wolfSSL_BIO_write(out, p7->pkcs7.content, p7->pkcs7.contentSz);
+    }
 
     return WOLFSSL_SUCCESS;
 }
diff --git a/tests/api.c b/tests/api.c
index 68b8dd6a4..2b2f88aac 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -46989,6 +46989,10 @@ static void test_wolfSSL_SMIME_read_PKCS7(void)
     PKCS7* pkcs7 = NULL;
     BIO* bio = NULL;
     BIO* bcont = NULL;
+    BIO* out = NULL;
+    const byte* outBuf = NULL;
+    int outBufLen = 0;
+    static const char contTypeText[] = "Content-Type: text/plain\r\n\r\n";
     XFILE smimeTestFile = XFOPEN("./certs/test/smime-test.p7s", "r");
 
     printf(testingFmt, "wolfSSL_SMIME_read_PKCS7()");
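Review bot: The PKCS7_TEXT branch advances `p7->pkcs7.content` and shrinks `p7->pkcs7.contentSz` in place, so the caller's PKCS7 object is left pointing into the middle of its own content: a second verify with PKCS7_TEXT on the same object fails the header check, and if that pointer is a heap block released by whoever owns the content (not visible in this hunk), the later free receives an interior pointer. Keep the stripped view in locals and write from those: declare `const byte* content = NULL; word32 contentSz = 0;` next to `contTypeLen` in the first hunk and replace the branch with the rewrite below. Separately, the match is an exact, case-sensitive compare against the CRLF form `"Content-Type: text/plain\r\n\r\n"`, so a header carrying a `charset` parameter, different case, or LF-only line endings is rejected with WOLFSSL_FAILURE; that is stricter than I recall OpenSSL's PKCS7_TEXT handling being, and deserves a comment such as `/* only the exact canonical CRLF header is accepted; parameters and LF-only endings are rejected */`. wolfSSL_PKCS7_verify begins before this hunk.
```c
    content = p7->pkcs7.content;
    contentSz = p7->pkcs7.contentSz;
    if (flags & PKCS7_TEXT) {
        /* strip MIME header for text/plain, otherwise error */
        contTypeLen = XSTR_SIZEOF(contTypeText);
        if ((content == NULL) || (contentSz < (word32)contTypeLen) ||
            (XMEMCMP(content, contTypeText, contTypeLen) != 0)) {
            WOLFSSL_MSG("Error PKCS7 Content-Type not found with PKCS7_TEXT");
            return WOLFSSL_FAILURE;
        }
        /* adjust the local view only; p7->pkcs7.content stays owned by the caller */
        content += contTypeLen;
        contentSz -= contTypeLen;
    }

    if (out != NULL) {
        wolfSSL_BIO_write(out, content, contentSz);
    }
```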
@@ -47026,6 +47030,24 @@ static void test_wolfSSL_SMIME_read_PKCS7(void)
     pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
     AssertNotNull(pkcs7);
     AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL, PKCS7_NOVERIFY), SSL_SUCCESS);
+    if (bcont) BIO_free(bcont);
+    wolfSSL_PKCS7_free(pkcs7);
+
+    /* Test PKCS7_TEXT, PKCS7_verify() should remove Content-Type: text/plain */
+    smimeTestFile = XFOPEN("./certs/test/smime-test-canon.p7s", "r");
+    AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+    pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
+    AssertNotNull(pkcs7);
+    out = wolfSSL_BIO_new(BIO_s_mem());
+    AssertNotNull(out);
+    AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, out,
+                PKCS7_NOVERIFY | PKCS7_TEXT), SSL_SUCCESS);
+    AssertIntGT((outBufLen = BIO_get_mem_data(out, &outBuf)), 0);
+    /* Content-Type should not show up in output buffer */
+    AssertIntGT(outBufLen, XSTRLEN(contTypeText));
+    AssertIntGT(XMEMCMP(outBuf, contTypeText, XSTRLEN(contTypeText)), 0);
+
+    BIO_free(out);
     BIO_free(bio);
     if (bcont) BIO_free(bcont);
     wolfSSL_PKCS7_free(pkcs7);
diff --git a/wolfssl/openssl/pkcs7.h b/wolfssl/openssl/pkcs7.h
index ec02849a3..3eacd67f0 100644
--- a/wolfssl/openssl/pkcs7.h
+++ b/wolfssl/openssl/pkcs7.h
@@ -34,6 +34,7 @@
 #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7)
+#define PKCS7_TEXT 0x1
 #define PKCS7_NOINTERN 0x0010
 #define PKCS7_NOVERIFY 0x0020
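Review bot: `AssertIntGT(XMEMCMP(outBuf, contTypeText, XSTRLEN(contTypeText)), 0)` asserts the sign of a memcmp result, which only says the first differing byte of the output sorts after the header's and will flip if the test file's body ever starts with a byte below `'C'`; the intent is "does not equal", so `AssertIntNE(XMEMCMP(outBuf, contTypeText, XSTRLEN(contTypeText)), 0);` is the check that matches the comment above it. The preceding `AssertIntGT(outBufLen, XSTRLEN(contTypeText))` also compares an int against a size_t and does not by itself show the header was stripped rather than more data written, so the memcmp assertion is the one carrying the test. The second `XFOPEN` result is handed to `wolfSSL_BIO_set_fp` without a check that the open succeeded, and whether set_fp with BIO_CLOSE releases the previously attached file is not visible here; a short comment stating the expected ownership of the first handle would help. test_wolfSSL_SMIME_read_PKCS7 begins and ends outside this hunk.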