Previous: Encrypt-to-self, Up: Security

2.7.7 Bcc Warning

The Bcc header is meant to hide recipients of messages. However, when encrypted messages are used, the e-mail addresses of all Bcc-headers are given away to all recipients without warning, which is a bug. But now Message got to warn if Bcc recipients are found in an encrypted message when you are just about to send it. If you are sure those Bcc addresses are safe to expose, set the mml-secure-safe-bcc-list variable, that is a list of e-mail addresses. See