What Exactly Is a Bcc Anyway?
Adding a Bcc to an email is a clever approach to sending a hidden copy that will not be visible to any other receipients. It is similar to its friendly cousin cc except no one will know about it. But do you really know exactly what it was created for and what it actually does when you hit send? Let's find out.
Origin
Let's start by spelling it out: Bcc stands for Blind carbon copy. Hmm carbon copy, must be an email invention right? Nope, a carbon copy is something that dates back to the era of typewriters when carbon paper would be placed in front of one or multiple extra sheets of paper, in order to make copies of the typed letter.
Make sense right? And if you think bcc is an email invention, you're wrong again. Blind carbon copies was a trick that secretaries used to add multiple receipient addresses of a document after the actual copy was made. This would ensure that the receipients could not see who else got the letter. They were, in a way, blind.
Specification
Now that you know all about the origins of Bcc and how it worked for typewriters and letters you may wonder how it should work for electronic mail. Well, you're in for quite a ride!
The email standards defines Bcc in RFC5322 as a destination address field which may contain [address-list / CFWS] CRLF. In other words, it's a list of addresses and may also contain folding white space or comments and is followed by Carriage Return and Line Feed.
And that's not all! The RFC5322 specification also states that the Bcc field "contains addresses of recipients of the message whose addresses are not to be revealed to other recipients of the message". However, it continues to state that there are actually three ways to which the Bcc field may be used. In the first case, the complete Bcc field is stripped from the email, but each of the addresses specified will still receive a copy. Nothing new here, you know all of this right?
The next case is a bit more interesting, "In the second case, recipients specified in the "To:" and "Cc:" lines each are sent a copy of the message with the "Bcc:" line removed as above, but the recipients on the "Bcc:" line get a separate copy of the message containing a "Bcc:" line. (When there are multiple recipient addresses in the "Bcc:" field, some implementations actually send a separate copy of the message to each recipient with a "Bcc:" containing only the address of that particular recipient.)".
Wait, what? Only some clients hide the Bcc addresses from each other? This doesn't sound anything like the Bcc I was promised?
You just wait until you hear about the third case which states that "Finally, since a "Bcc:" field may contain no addresses, a "Bcc:" field can be sent without any addresses indicating to the recipients that blind copies were sent to someone".
You're joking right? People can see that I've sent hidden copies of my email?
Not really. And it's mostly thanks to this line right here: "Which method to use with "Bcc:" fields is implementation dependent, but refer to the "Security Considerations" section of this document for a discussion of each".
Reality
Before you start trembling with fear over what happens when you send your secret email copies. Let's look at what actually happens when you add Bcc to an email.
This is an email sent using FastMail with a single receiver and Bcc. It looks the same in email clients of the receiver as well as the Bcc.
Message-Id: <[REDACTED]@www.fastmail.com>
Date: Wed, 26 Jan 2022 10:52:52 +0100
From: "[SENDER NAME]" <[SENDER EMAIL]>
To: [RECEIVER EMAIL]
Subject: Hello
Content-Type: text/plain
Hey There!Well that looks great right? Yes. Yes it does. There's no trace at all from the Bcc receiver.
Indeed, Bcc is an incredibly functionality with a lot of privacy advantages compared to email syncing with IMAP. Oh, and don't forget that it has a lovely hipster approved history that you know all about now as well.
So, let's all use Bcc a little bit more, and sync our complete mailbox with every external service possible a little bit less.
Happy electronic mailing!
