Blind Carbon Copy - Security Considerations

Security Considerations

Both RFC 2821 and RFC 2822 discuss problems with Bcc: in their "Security Considerations" sections, in part because, as mentioned above, processing of the Bcc: header is not standardized and it is commonly implemented in several different ways.

  • RFC 2821 notes that some mail systems will add private headers showing all recipients that the e-mail was sent to, thus leaking the Bcc: list.
  • RFC 2822 notes three problems:
    • If the Bcc: header is completely removed, people who receive a blind copy may not notice they are not on either the To: or Cc: list and reply to everyone, thus leaking that blind copies were sent.
    • If the Bcc: header is not removed for people being sent a blind copy, then all blind copy recipients will know who got blind copies.
    • If the email addresses on the Bcc: header are removed, but the header is not, this will leak the fact that some blind copies were sent.
  • E-mail spam occasionally uses Bcc: to create fake accidental leaks of confidential information, e.g. in a variant of the pump and dump scheme.
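The three header treatments RFC 2822 describes, applied to a constructed message so that what each one exposes to a recipient can be compared side by side. This is an added example, not code from the page or the RFCs; the addresses, the strategy names and the helper functions are all made up for illustration.

```python
from email.message import EmailMessage
from email.utils import getaddresses

STRATEGIES = ("remove", "keep", "empty")   # the three treatments RFC 2822 discusses

def build_message():
    """Constructed sample message; the addresses are placeholders, not real mailboxes."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"
    msg["To"] = "bob@example.com"
    msg["Cc"] = "carol@example.com"
    msg["Bcc"] = "dave@example.net, erin@example.net"
    msg["Subject"] = "Quarterly figures"
    msg.set_content("See attached.")
    return msg

def deliverable_copy(msg, strategy):
    """Build the copy that would be handed to the transport for delivery,
    treating the Bcc: header according to `strategy` (hypothetical names)."""
    copy = EmailMessage()
    for name, value in msg.items():
        if name.lower() == "bcc":
            if strategy == "remove":
                continue            # header dropped entirely
            if strategy == "empty":
                copy["Bcc"] = ""    # header kept, addresses stripped
                continue
        copy[name] = value          # "keep" leaves Bcc: untouched
    copy.set_content(msg.get_content())
    return copy

def bcc_exposure(copy):
    """What a recipient of `copy` can learn about blind carbon copies."""
    if "Bcc" not in copy:
        return "none"          # nothing in the headers says a Bcc: list existed
    addrs = [a for _, a in getaddresses(copy.get_all("Bcc", [])) if a]
    return "bcc_list" if addrs else "bcc_existed"   # full list vs. mere existence

def reply_all_exposes_bcc(copy, replier):
    """RFC 2822's first problem: with Bcc: removed, a blind recipient who replies
    to all is not on To:/Cc:, so the reply reveals that blind copies were sent."""
    visible = {a for _, a in getaddresses(copy.get_all("To", []) + copy.get_all("Cc", []))}
    return replier not in visible

def compare_strategies():
    msg = build_message()
    return {s: bcc_exposure(deliverable_copy(msg, s)) for s in STRATEGIES}
```

Only the "remove" strategy keeps the list and its existence out of the headers, and it is exactly the one that leaves a blind recipient unable to tell, from the headers alone, that a reply-all will expose them.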
