How does using BCC help reduce spam?

Helping people with computers... one answer at a time.

When forwarded, an email using BCC is one way to reduce the amount of spam your recipients might get as the email is forwarded further.

Is it true that if I use BCC to email attachments, it will mean less danger of spam? How's that?

•

It's not so much about attachments, as it is any email you receive and then forward.

And it's not so much about saving yourself from getting more spam, but saving the people that sent you the email you're about to forward.

It's all about keeping their email addresses private and un-harvestable.

•

The scenario works like this: you get a wonderful piece of humor via email - maybe a joke, some goofy pictures, or something else that you want to forward to your friends. (Note: never forward anything that actually asks you to forward it without checking it out first. It's likely an urban legend.)

The mail you got looks something like this:

From: yourfriend@reallybigbookstore.com
To: you@reallybigbookstore.com
Cc: anotherfriend@reallybigbookstore.com, anotherfriend2@reallybigbookstore.com,
    someoneelse@reallybigbookstore.com, acontact@somerandomservice.com,
    morepeople@somerandomservice.com
Subject: This is funny

I thought this joke was kinda funny:

A pirate walked into a bar and the bartender said, ...

"... never forward anything that actually asks you to forward it ..."

(All the email addresses are fake, and just for example purposes.)

Your friend has emailed you some humor, and cc'd a number of other people.

Think about that for a moment. You can see all the email addresses on the CC line. If you're a spammer, you just got 5 more known-valid email addresses that you can add to your list of email addresses to spam. In fact, any of the people on the CC line could do this as well.

But it gets worse. You think this joke is really funny, and worth forwarding on to more of your friends, so you hit "Forward", and create a message that looks like this:

From: you@reallybigbookstore.com
To: aclosefriend@reallybigbookstore.com, familymember@somerandomservice.com,
    apal@somerandomservice.com, collegue@reallybigbookstore.com
Subject: FW: This is funny

Pretty cute...

> From: yourfriend@reallybigbookstore.com
> To: you@reallybigbookstore.com
> Cc: anotherfriend@reallybigbookstore.com, anotherfriend2@reallybigbookstore.com,
>     someoneelse@reallybigbookstore.com, acontact@somerandomservice.com,
>     morepeople@somerandomservice.com
> Subject: This is funny
> 
> I thought this joke was kinda funny:
> 
> A pirate walked into a bar and the bartender said, ...

Just look at all the email addresses that are visible to anyone who gets this message. It's a veritable gold mine of known-good email addresses that they can then use for any purpose they wish. Spam, of course, is the most obvious, but there are a raft of privacy issues that result as well.

And after the message has been forwarded a few times the list of juicy email addresses at the top often exceeds the length of the actual message at the bottom!

(And you'd be surprised at how often the resulting email messages gets forwarded by someone to a mailing list that is archived on the web, where it a) lives pretty much forever, and b) is even more easily harvested by spammers.)

There are two things you must do to avoid adding to the problem:

Use BCC for the recipients. This will prevent the email addresses you send the humor to from being visible to the people that get it. (How you do this will vary from mail program to mail program, but almost all have it.)
Edit out any email addresses in the body of the message before you send. This will remove all the prior recipients from being visible, and has the added benefit of making the email easier to read.

Of course you should always consider whether the message should be forwarded at all, but I'll assume you've made that decision properly.

So this time, when we forward that original, we do those two things:

Instead of entering all those addresses on the TO or CC lines, we send the message "to" ourselves, and put all the recipients on the BCC line.
After pressing the "Forward" button, but before pressing "Send", click in the body of the message and simply delete all the lines that are nothing more than forwarded email headers.

Using the example from above, here's the result:

From: you@reallybigbookstore.com
To: you@reallybigbookstore.com
Bcc: aclosefriend@reallybigbookstore.com, familymember@somerandomservice.com,
    apal@somerandomservice.com, collegue@reallybigbookstore.com
Subject: FW: This is funny

Pretty cute...

> I thought this joke was kinda funny:
> 
> A pirate walked into a bar and the bartender said, ...

What the people getting this message see is this:

From: you@reallybigbookstore.com
To: you@reallybigbookstore.com
Subject: FW: This is funny

Pretty cute...

> I thought this joke was kinda funny:
> 
> A pirate walked into a bar and the bartender said, ...

Not an email address to be found.

Nothing for spammers to harvest.

Article C3643 - February 8, 2009

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

You may also be interested in:

Why shouldn't I forward this email asking me to "forward to everyone I know"?
How do I hide the email addresses I'm sending to on a message? It's possible to send email to someone without having their email address show up on the To: or Cc: lines by using Blind Carbon Copy or Bcc.
How to I view the list of BCC'ed recipients on an email I've received? The list of BCC'ed recipients is not included in emails, so there is no way of determining if and who else the email was sent to.
The Pirate - out at Forwarded Funnies.

Recent Comments

20 Comments

All the big email services (Gmail, Yahoo) claim to be opposed to spam, why don't they just make BCC the default setting and require personal attention when you want to send an open (visible) carbon copy?

Posted by: Digital Artist at February 16, 2010 1:18 PM

Many thank yous for this article. I seem to have a fair number of tech "challenged" friends & family. This forwarding of cutesy jokes, riddles, etc. always comes with the above mentioned CC problems. I try to get them to visualize crossing out the address on an envelope then remailing it to other recipients.

Anyhow, your explanation is much better. Oh, also to "Digital Artist" love the suggestion of BCC as the default setting.

Posted by: Maria at February 16, 2010 6:23 PM

Please use the full words when sending how to information like what is CC and BCC I don't have any idear what they mean please explane them.Thank you.

Posted by: michael clark at February 17, 2010 4:48 AM

BCC is a great tool...but for the stuff yakked about in this article...Better yet! Stop sending all this junk around the Internet. Do you really really think this behavior means you're the friend of someone because you load up their chuckle box? It bogs down email servers, slows the Internet with extra traffic, and sometimes has inadvertently passed links to virus sites. If you or your friends need chuckles that bad, figure out how to be funny on your own. MOST of the seriously needed information sent around the net is garbage, untrue, and ridiculous. And the little that is true and worthwhile...if it's so worthwhile, bring it to the attention of an agency responsible in that area and see to it they publish it for people to see. CHECK THINGS OUT THOROUGHLY BEFORE YOU SEND ANYTHING AROUND! Just because you poked over to Snopes and see an approval flag does not necessarily mean you read the fine print there, or researched further. Many of the "true" ones are also BS or otherwise unworthy of your attention. (chuckle on that)
And btw...don't use Forward. Copy paste the message body into a new email, then call up your mailing list into the BCC field. If there is none, put each email address inside parentheses.

Posted by: Doug Couch at November 5, 2010 2:53 AM

There is another problem that your suggestions seems to bring up. BCC can also be used to hide your address in such a manner that you'll get spam and never see your address in it?

Your explanation of BCC here is the first instance I've actually seen in 15 years that managed to possibly explain this to me.

Email may be a pain sometimes but I would think IM is 10X the pain. Since any protocol involves giving up control at some point to deliver data you are at the mercy of the network at all times I would suppose. The system was born open and people are used to getting their messages etc without a hassle and somebody will get what they want eventually. Perhaps if BCC were mandatory for all addresses beyond the first?

Still, when you get a spam email that has no trace of you in it it's probably worse to you than the other way around, highly bothersome and doesn't leave you feeling any better, as in, "how the blank..."?

Posted by: Steven at December 28, 2010 4:15 PM

See all 20 comments...

Post a comment on "How does using BCC help reduce spam?":

Name: (Required - will be included when your comment is published.)

Email Address: (Required - will not be published.)

Remember Me? YesNo

Comments: (You may use HTML tags for style)

Before commenting, please...

READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored.
Comment only on the article. Use the search box at the top of the page if you have a question about something else.
NO PERSONAL INFORMATION in the comment. No email addresses. No phone numbers. No physical addresses.

Anything that looks the least bit like spam will be deleted. Links to unrelated sites or links that appear to be primarily promotional will be deleted, or the comment will be deleted.
Don't ask me to recover lost passwords or hacked accounts. I can't. Those comments will be deleted.
I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...

Question? Ask Leo!
The Tip Jar: Buy Leo a Latte!

Categories | Full Archive
By Date | Business Card | About

Advertisements do not imply my endorsement of any product or service.

Copyright © 2003-2012 Puget Sound Software, LLC and Leo A. Notenboom
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC
Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure

http://ask-leo.com/how_does_using_bcc_help_reduce_spam.html