BCC encrypted email forking in Outlook Web Access

Outlook Web Access (OWA) has a feature called BCC Encrypted Email Forking that prevents blind carbon copy (BCC) recipient information from being leaked when users send encrypted emails. This feature is documented in OWA's manuals, but its implications are not typically well understood.

When you use Outlook Web Access to send an encrypted message with BCC recipients, the BCC Encrypted Email Forking feature saves a separate copy of the message for each recipient in the BCC field.

Enabled by default in OWA, the email forking function exists for the sake of email privacy and security. It prevents a full copy of the BCC list from appearing in the email's encryption certificate list -- where it could be seen by anyone who went looking for it. The certificate list is normally hidden from the user, but it's a trivial job to read the list if you know what you're doing.

The one downside to using OWA's BCC Encrypted Email Forking feature is that a separate copy of each email has to be stored for each BCC recipient -- and since each message is technically unique, they cannot be all stored as one message via single-instance storage.

However, if you have good policies in place that enforce the maximum size of outgoing messages, storage is usually cheap enough that this is not a concern. It's more worth your while to worry about "secure" email suddenly not being so secure anymore than it is to worry about the amount of space being used.

The folks at

    Requires Free Membership to View

Cryptigo, makers of secure e-mail solutions, have also written about this problem and have a blog post that discusses some other implications of using email forking.

About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter.

Do you have comments on this tip? Let us know.

Related information from SearchExchange.com:

  • Administration Guide: An administrator's guide to Outlook Web Access
  • Expert Advice: Tracking blind-copied email
  • Tip: Don't break single-instance storage during a mailbox migration
  • Reference Center: Exchange Server data management and storage tips

    Please let others know how useful this tip was via the rating scale below. Do you have a useful Exchange Server or Microsoft Outlook tip, timesaver or workaround to share? Submit it to SearchExchange.com. If we publish it, we'll send you a nifty thank-you gift.

    This was first published in October 2006

  • There are Comments. Add yours.

    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.