diff --git a/include/mqtt.h b/include/mqtt.h
index 496da68..218e882 100644
--- a/include/mqtt.h
+++ b/include/mqtt.h
@@ -137,6 +137,14 @@ int __cheri_compartment("MQTT")
  *
  * `qos` indicates the level of QoS (0, 1, or 2).
  *
+ * `retain` indicates whether the message should be published as retained or
+ * not. The broker stores the last retained message and the corresponding QoS
+ * for that topic. Each client that subscribes to a topic pattern that matches
+ * the topic of the retained message receives the retained message immediately
+ * after they subscribe. The broker stores only one retained message per topic.
+ * Retained messages are cleared by publishing a zero length message with the
+ * retain flag set.
+ *
  * Both the topic and payload buffers must remain valid during the execution of
  * this function. If the caller frees them during the execution of this
  * function, the publish may leak application data to the broker through the
@@ -170,7 +178,8 @@ int __cheri_compartment("MQTT") mqtt_publish(Timeout    *t,
                                              const char *topic,
                                              size_t      topicLength,
                                              const void *payload,
-                                             size_t      payloadLength);
+                                             size_t      payloadLength,
+                                             bool        retain = false);
 
 /**
  * Subscribe on a given MQTT connection.
diff --git a/lib/mqtt/mqtt.cc b/lib/mqtt/mqtt.cc
index 6392680..35f73c2 100644
--- a/lib/mqtt/mqtt.cc
+++ b/lib/mqtt/mqtt.cc
@@ -469,12 +469,15 @@ namespace
 			              "are not set.");
 
 			// The payload and topic are only valid within the
-			// context of the callback: make them read-only and
-			// non-capturable.
+			// context of the callback: make them read-only,
+			// non-capturable, and limits to the length of the
+			// topic and payload.
 			Capability topic{publishInfo->pTopicName};
 			Capability payload{publishInfo->pPayload};
 			topic.permissions() &= CHERI::Permission::Load;
+			topic.bounds() = publishInfo->topicNameLength;
 			payload.permissions() &= CHERI::Permission::Load;
+			payload.bounds() = publishInfo->payloadLength;
 
 			publishCallback(topic,
 			                publishInfo->topicNameLength,
@@ -815,7 +818,8 @@ int mqtt_publish(Timeout    *t,
                  const char *topic,
                  size_t      topicLength,
                  const void *payload,
-                 size_t      payloadLength)
+                 size_t      payloadLength,
+                 bool        retain)
 {
 	if (!CHERI::check_pointer(topic, topicLength))
 	{
@@ -872,6 +876,7 @@ int mqtt_publish(Timeout    *t,
 		  publishInfo.topicNameLength = topicLength;
 		  publishInfo.pPayload        = payload;
 		  publishInfo.payloadLength   = payloadLength;
+		  publishInfo.retain          = retain;
 
 		  // Packet ID is needed for QoS > 0.
 		  int packetId = MQTT_GetPacketId(coreMQTTContext);