Outlook Web Access (OWA) has a feature called BCC Encrypted Email Forking that prevents blind carbon copy (BCC) recipient information from being leaked when users send encrypted emails. This feature is documented in OWA's manuals, but its implications are not typically well understood.
When you use Outlook Web Access to send an encrypted message with BCC recipients, the BCC Encrypted Email Forking feature saves a separate copy of the message for each recipient in the BCC field.
Enabled by default in OWA, the email forking function exists for the sake of email privacy and security. It prevents a full copy of the BCC list from appearing in the email's encryption certificate list -- where it could be seen by anyone who went looking for it. The certificate list is normally hidden from the user, but it's a trivial job to read the list if you know what you're doing.
The one downside to using OWA's BCC Encrypted Email Forking feature is that a separate copy of each email has to be stored for each BCC recipient -- and since each message is technically unique, they cannot be all stored as one message via single-instance storage.
However, if you have good policies in place that enforce the maximum size of outgoing messages, storage is usually cheap enough that this is not a concern. It's more worth your while to worry about "secure" email suddenly not being so secure anymore than it is to worry about the amount of space being used.
The folks at
About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter.
Do you have comments on this tip? Let us know.
Related information from SearchExchange.com:
Please let others know how useful this tip was via the rating scale below. Do you have a useful Exchange Server or Microsoft Outlook tip, timesaver or workaround to share? Submit it to SearchExchange.com. If we publish it, we'll send you a nifty thank-you gift.
This was first published in October 2006