Blind carbon copy

Last updated

A blind carbon copy (abbreviated Bcc) is a message copy sent to an additional recipient, without the primary recipient being made aware. This concept originally applied to paper correspondence and now also applies to email. [1] "Bcc" can also stand for "blind courtesy copy" as a backronym of the original abbreviation. [2]

Contents

In some circumstances, the typist creating a paper correspondence must ensure that multiple recipients of such a document do not see the names of other recipients. To achieve this, the typist can:

With email, recipients of a message are specified using addresses in any of these three fields:

It is common practice to use the Bcc: field when addressing a very long list of recipients, or a list of recipients who should not (necessarily) know each other, e.g. in mailing lists. [3]

SMTP Mechanism for Email

BCC in email is handled uniquely by the Simple Mail Transfer Protocol. Here BCC recipients are managed by specifying all recipients using the RCPT TO command, without distinguishing between To, CC, or BCC fields. The SMTP "envelope" includes each recipient, including those in BCC, but only To and CC recipients appear in the email headers visible to recipients. Provided SMTP servers respect this, this setup keeps BCC addresses hidden from end recipients, but allows each recipient to receive the email, as they are omitted from the email’s header information shown in email clients, while still being included in the SMTP delivery commands used to send the email. Consequently, email clients display only the listed To and CC recipients, preserving the privacy of BCC recipients. [4]

Benefits

There are a number of reasons for using this feature:

Disadvantages

In some cases, the use of blind carbon copy may be viewed as mildly unethical. The original addressee of the mail (To: address) is left under the impression that communication is proceeding between the known parties, and is knowingly kept unaware of others participating in the primary communication. [6]

A related risk is that by (unintentional) use of "reply to all" functionality by someone on Bcc, the original addressee is (inadvertently) made aware of this participation. For this reason, it is in some cases better to separately forward the original e-mail.

Depending on the particular email software used, the recipient may or may not know that the message has been sent via Bcc. In some cases, 'undisclosed recipients' placed in the To: line (by the software) shows that Bcc has been used. In other cases, the message appears identical to one sent to a single addressee. The recipient does not necessarily see the email address (and real name, if any) originally placed in the To: line.

When it is useful for the recipients to know who else has received a Bcc message,

Related Research Articles

<span class="mw-page-title-main">Email</span> Mail sent using electronic means

Email is a method of transmitting and receiving messages using electronic devices. It was conceived in the late–20th century as the digital version of, or counterpart to, mail. Email is a ubiquitous and very widely used communication medium; in current use, an email address is often treated as a basic and necessary part of many processes in business, commerce, government, education, entertainment, and other spheres of daily life in most countries.

The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typically use SMTP only for sending messages to a mail server for relaying, and typically submit outgoing email to the mail server on port 587 or 465 per RFC 8314. For retrieving messages, IMAP is standard, but proprietary servers also often implement proprietary protocols, e.g., Exchange ActiveSync.

<span class="mw-page-title-main">Open mail relay</span> SMTP server that allows anyone to send e-mail through it

An open mail relay is a Simple Mail Transfer Protocol (SMTP) server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers.

<span class="mw-page-title-main">Email client</span> Computer program used to access and manage a users email

An email client, email reader or, more formally, message user agent (MUA) or mail user agent is a computer program used to access and manage a user's email.

<span class="mw-page-title-main">Carbon copy</span> Copy of a document made by carbon paper

Before the development of photographic copiers, a carbon copy was the under-copy of a typed or written document placed over carbon paper and the under-copy sheet itself. When copies of business letters were so produced, it was customary to use the acronym "CC" or "cc" before a colon and below the writer's signature to inform the principal recipient that carbon copies had been made and distributed to the parties listed after the colon. With the advent of word processors and e-mail, "cc" is used as a merely formal indication of the distribution of letters to secondary recipients.

Various anti-spam techniques are used to prevent email spam.

Sender Policy Framework (SPF) is an email authentication method which ensures the sending mail server is authorized to originate mail from the email sender's domain. This authentication only applies to the email sender listed in the "envelope from" field during the initial SMTP connection. If the email is bounced, a message is sent to this address, and for downstream transmission it typically appears in the "Return-Path" header. To authenticate the email address which is actually visible to recipients on the "From:" line, other technologies such as DMARC must be used. Forgery of this address is known as email spoofing, and is often used in phishing and email spam.

A bounce message or just "bounce" is an automated message from an email system, informing the sender of a previous message that the message has not been delivered. The original message is said to have "bounced".

Sender ID is an historic anti-spoofing proposal from the former MARID IETF working group that tried to join Sender Policy Framework (SPF) and Caller ID. Sender ID is defined primarily in Experimental RFC 4406, but there are additional parts in RFC 4405, RFC 4407 and RFC 4408.

Email authentication, or validation, is a collection of techniques aimed at providing verifiable information about the origin of email messages by validating the domain ownership of any message transfer agents (MTA) who participated in transferring and possibly modifying a message.

<span class="mw-page-title-main">Message submission agent</span>

A message submission agent (MSA), or mail submission agent, is a computer program or software agent that receives electronic mail messages from a mail user agent (MUA) and cooperates with a mail transfer agent (MTA) for delivery of the mail. It uses ESMTP, a variant of the Simple Mail Transfer Protocol (SMTP), as specified in RFC 6409.

Many email clients now offer some support for Unicode. Some clients will automatically choose between a legacy encoding and Unicode depending on the mail's content, either automatically or when the user requests it.

Sieve is a programming language that can be used for email filtering. It owes its creation to the CMU Cyrus Project, creators of Cyrus IMAP server.

Email spoofing is the creation of email messages with a forged sender address. The term applies to email purporting to be from an address which is not actually the sender's; mail sent in reply to that address may bounce or be delivered to an unrelated party whose identity has been faked. Disposable email address or "masked" email is a different topic, providing a masked email address that is not the user's normal address, which is not disclosed, but forwards mail sent to it to the user's real address.

DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in email, a technique often used in phishing and email spam.

Email forwarding generically refers to the operation of re-sending a previously delivered email to an email address to one or more different email addresses.

An email alias is simply a forwarding email address. The term alias expansion is sometimes used to indicate a specific mode of email forwarding, thereby implying a more generic meaning of the term email alias as an address that is forwarded in a simplistic fashion.

A mailbox is the destination to which electronic mail messages are delivered. It is the equivalent of a letter box in the postal system.

Backscatter is incorrectly automated bounce messages sent by mail servers, typically as a side effect of incoming spam.

<span class="mw-page-title-main">Gmail interface</span>

The Gmail interface makes Gmail unique amongst webmail systems for several reasons. Most evident to users are its search-oriented features and means of managing e-mail in a "conversation view" that is similar to an Internet forum.

References

  1. Stout, Chris. "DEAR NERD: Blind carbons hide addresses." Charleston Gazette (West Virginia, USA). 1998-01-18. page P5B. NewsBank record number 100F35638A890441.
  2. Crocker, D.; Vittal, J.; Pogran, K. T.; Henderson, D. A. (1977). "Standard for the format of ARPA network text messages". IETF Request for Comments (RFC) Pages - Test. ISSN   2070-1721.
  3. Husted, Bill. "Bad e-mail habits can be bothersome, embarrassing". The Atlanta Journal-Constitution (Georgia, USA). 2009-08-30. page E15. NewsBank record number 103419444.
  4. https://datatracker.ietf.org/doc/html/rfc5321#appendix-B
  5. Boodhoo, Niala; Carey, Bridget (2009-08-25). "Be careful when you 'reply all' to e-mail". Miami Herald. pp. C8. NewsBank record number 200908250100KNRIDDERFLMIAMIH_poked-08-25-09.
  6. Machin, Edward (February 9, 2024). "This week in data/cyber/tech: criminals using AI, BCC emails gone wrong, and monitoring in the toilets". ropesgray.