How does using BCC help reduce spam?

Search First! Then browse: Categories | Full Archive | By Date | Newsletter

Summary: When forwarded, an email using BCC is one way to reduce the amount of spam your recipients might get as the email is forwarded further.

Is it true that if I use BCC to email attachments, it will mean less danger of spam? How's that?

•

It's not so much about attachments, as it is any email you receive and then forward.

And it's not so much about saving yourself from getting more spam, but saving the people that sent you the email you're about to forward.

It's all about keeping their email addresses private and un-harvestable.

•

The scenario works like this: you get a wonderful piece of humor via email - maybe a joke, some goofy pictures, or something else that you want to forward to your friends. (Note: never forward anything that actually asks you to forward it without checking it out first. It's likely an urban legend.)

The mail you got looks something like this:

From: yourfriend@reallybigbookstore.com
To: you@reallybigbookstore.com
Cc: anotherfriend@reallybigbookstore.com, anotherfriend2@reallybigbookstore.com,
    someoneelse@reallybigbookstore.com, acontact@somerandomservice.com,
    morepeople@somerandomservice.com
Subject: This is funny

I thought this joke was kinda funny:

A pirate walked into a bar and the bartender said, ...

"... never forward anything that actually asks you to forward it ..."

(All the email addresses are fake, and just for example purposes.)

Your friend has emailed you some humor, and cc'd a number of other people.

Think about that for a moment. You can see all the email addresses on the CC line. If you're a spammer, you just got 5 more known-valid email addresses that you can add to your list of email addresses to spam. In fact, any of the people on the CC line could do this as well.

But it gets worse. You think this joke is really funny, and worth forwarding on to more of your friends, so you hit "Forward", and create a message that looks like this:

From: you@reallybigbookstore.com
To: aclosefriend@reallybigbookstore.com, familymember@somerandomservice.com,
    apal@somerandomservice.com, collegue@reallybigbookstore.com
Subject: FW: This is funny

Pretty cute...

> From: yourfriend@reallybigbookstore.com
> To: you@reallybigbookstore.com
> Cc: anotherfriend@reallybigbookstore.com, anotherfriend2@reallybigbookstore.com,
>     someoneelse@reallybigbookstore.com, acontact@somerandomservice.com,
>     morepeople@somerandomservice.com
> Subject: This is funny
> 
> I thought this joke was kinda funny:
> 
> A pirate walked into a bar and the bartender said, ...

Just look at all the email addresses that are visible to anyone who gets this message. It's a veritable gold mine of known-good email addresses that they can then use for any purpose they wish. Spam, of course, is the most obvious, but there are a raft of privacy issues that result as well.

And after the message has been forwarded a few times the list of juicy email addresses at the top often exceeds the length of the actual message at the bottom!

(And you'd be surprised at how often the resulting email messages gets forwarded by someone to a mailing list that is archived on the web, where it a) lives pretty much forever, and b) is even more easily harvested by spammers.)

There are two things you must do to avoid adding to the problem:

Use BCC for the recipients. This will prevent the email addresses you send the humor to from being visible to the people that get it. (How you do this will vary from mail program to mail program, but almost all have it.)
Edit out any email addresses in the body of the message before you send. This will remove all the prior recipients from being visible, and has the added benefit of making the email easier to read.

Of course you should always consider whether the message should be forwarded at all, but I'll assume you've made that decision properly.

So this time, when we forward that original, we do those two things:

Instead of entering all those addresses on the TO or CC lines, we send the message "to" ourselves, and put all the recipients on the BCC line.
After pressing the "Forward" button, but before pressing "Send", click in the body of the message and simply delete all the lines that are nothing more than forwarded email headers.

Using the example from above, here's the result:

From: you@reallybigbookstore.com
To: you@reallybigbookstore.com
Bcc: aclosefriend@reallybigbookstore.com, familymember@somerandomservice.com,
    apal@somerandomservice.com, collegue@reallybigbookstore.com
Subject: FW: This is funny

Pretty cute...

> I thought this joke was kinda funny:
> 
> A pirate walked into a bar and the bartender said, ...

What the people getting this message see is this:

From: you@reallybigbookstore.com
To: you@reallybigbookstore.com
Subject: FW: This is funny

Pretty cute...

> I thought this joke was kinda funny:
> 
> A pirate walked into a bar and the bartender said, ...

Not an email address to be found.

Nothing for spammers to harvest.

Related:

Why shouldn't I forward this email asking me to "forward to everyone I know"?
How do I hide the email addresses I'm sending to on a message? It's possible to send email to someone without having their email address show up on the To: or Cc: lines by using Blind Carbon Copy or Bcc.
How to I view the list of BCC'ed recipients on an email I've received? The list of BCC'ed recipients is not included in emails, so there is no way of determining if and who else the email was sent to.
The Pirate - out at Forwarded Funnies.

Article C3643 - February 8, 2009

Recent Comments

12 Comments

You are absolutely right about the collection of addresses that come with many forwarded mails,
but there is not even any need to fill in the To:line nor the CC line all addresses on the blind copy line will do,using Outlook Express.So no need even to send it to your self.
Joe

That's actually not true for all mail programs and all mail providers. Some will reject mail without a visible recipient, so it's just easier to send it to yourself. Also email without a visible recipient, when it does make it through, is more likely to be flagged as spam.

- Leo
11-Feb-2009

Posted by: joe thiel at February 10, 2009 9:04 AM

It's certainly the conventional wisdom these days that you should use BCC when sending to multiple recipients, but to play devil's advocate for a moment I'd like to point out that there are drawbacks. For instance, you sent several people an important e-mail, but can't remember whether you left certain addressees out. It's easy to reopen it in your sent folder and check, isn't it?

Not if you BCCed them! You won't see the blind copied recipients even in Outlook Express; I've tried, even using dodges found on the net which apparently worked in the past, but not now, at least on my system. So you'd better keep a list of those addressees somewhere else. Then I have to admit that there have been times when someone else has lifted my address from a list on a message, or I have found an acquaintance's in that way, and the resulting communications have been helpful. Everyone is so jealous of their privacy nowadays that finding people can be difficult, eg with most telephone numbers beung ex-directory. I am not convinced that the gains from this outweigh the losses.

I am also not convinced that spammers harvest their addresses in this way. It doesn't sound very practical. I have been sending and receiving e-mails with large numbers of addresses for years with no noticeable affect on my spam: I think the servers are quite good at filtering it now. So I think the question is arguable.

Posted by: Bernard Winchester at February 10, 2009 9:04 AM

Not only should you remove the lines that are nothing more than forwarded email headers, the message would be much more readable were you to remove all of the > symbols.

In outlook express if you click on Tools, then Options, then the Send tab, uncheck the box 'Indent message on Reply' for both HTML settings and Text settings.

If, however, you use web mail, some web mail programs do not allow you to make any changes to the message being forwarded but send them as attachments after adding the indents and headers. (One more reason to use an POP e-mail instead of web mail.)

Posted by: Jake Smith at February 10, 2009 9:05 AM

While the BCC addresses are definitely not included in the copies of the message sent by your email provider to the BCC addressees, they appear to be included in the original message as it travels from you to your email provider; that would seem to be necessary so that your email provider knows where to send the copies. So a spammer could still harvest the BCC addresses if your email is intercepted on the way from you to your email provider, although not on its way from there to the recipients.

Posted by: Terry Baker at February 10, 2009 9:11 AM

Great tip...just goes to show....you can learn somethin new everyday, no matter how much you think you know...lol Of course I never forward anything, it's like a petpeeve to me.

Posted by: David at February 10, 2009 11:17 AM

Much easier way to do this. I just copy the the message and paste it in a new e mail with only the address's I want....to, CC or BCC

Posted by: Bob Rutske at February 10, 2009 6:57 PM

@ Bernard Winchester,
Yes, its harder to mfind who you BCC'd, but its possible. (In Outlook Express)
Find the email in 'Sent Items'
Right-click->properties
Then click on the 'Details' tab. They are all there easy to find.

Always use BCC is you send to multiple people unless you want them to know you have sent it to each other.

Posted by: Fred at February 10, 2009 10:59 PM

It doesn't seem to work this way if you use AOL..
I have told people how to send to Bcc, but if they have AOL, they can't do it!

Posted by: Marion Sutton at February 13, 2009 8:47 AM

In windows live mail you can see who you sent it to by just looking in sent items and I leave the 'to' empty most of the time and they have always went where I sent them to none have been refused and all were answered when I requested them to be.

Posted by: Gary Adsitt at February 20, 2009 2:19 PM

Yes, Marion Sutton, it does work on AOL. I am on AOL and use BCC and it works. In the "Copy To:" section, type in all your recipients, putting them all together in parentheses. That is, put the open parentheses before the first e-mail address and the close parentheses after the last one. I use this method all the time.

Posted by: Gail Roth at March 6, 2009 4:07 AM

See all 12 comments...

Post a comment on "How does using BCC help reduce spam?":

Name: (Required) Email Address: (Required) (Email Address will not be published.) Remember Me? YesNo	By popular demand... my tip jar Buy Leo a Latte!
Comments: (you may use HTML tags for style)	Subscribe to the RSS Feed specifically for comments on this article.

Before commenting, please...

Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored.
Comment only on this article. Use the Google search box at the top of the page if you have a question about something else.
Don't include personal information in the comment. No email addresses. No phone numbers. No physical addresses.

Don't spam. Excessive links to unrelated sites within a comment or across multiple comments will cause all such comments to be removed.
Don't ask me to recover lost passwords or hacked accounts. I can't, and those comments will be deleted.
I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...

Question? Ask Leo!

Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure