David F. Skoll wrote:
Hector Santos wrote:
Otherwise, you risk exposing Bcc: addresses.
I don't see it Ned, and reviewing this is putting a hurting on my brain.
In direct offline response to your BCC concern, but you moved back here
and failed to show an important pieces of the response, what I said
off-list can be summarized as follows:
A) The MUA is responsible for pulling the BCC, so there is no risk of
B) In the rare scenario where there the MUA creating a Multiple To:, and
a Bcc message, and there is no headers sent, there is no risk because
there were be 2 or more separate messages created by the post mail
processor, not MSA or MDA, one for each and each one assigned a TO: with
its corresponding recipient address. So there is absolute no risk of
As to why it may done, I also said:
C) A primary reason, as Ned pointed out too, is to offer strict 822
D) The presentation layer is important here. Customers will REAM you
if you don't tell in the the To: field in presentation devices.
E) It might be assigned something else like "To: All" depending if the
message is going to some special local conference forum or even gated
F) There are still applications, like prints, instant message, cell
phone text mail, even fax jobs where local mail bots are used.
All was in direct response to the concern you had with BCC.
Hector Santos, CTO