Why we shouldn't send email to big lists of recipients

Sun, 2008-06-08 19:43 by hcroze · Forum/category:

I have found myself forwarding the following advice so many times, that I've decided to put it into a forum topic. So, here it is...

Basically it's not a good idea to To: or even Cc: to long lists of recipients. The reason seems to be that bad bots out there are searching for such lists, capture the addresses and then feed them into spam or worse lists. Putting the names in a Bcc: list is said to be OK. When I asked our tame Webmaster, Hans-Georg Michna, why, he said:

The reason is that the Bcc line is not transmitted to the
recipients. That's actually its purpose and the reason why it
carries the "blind" tag. All other lines, like To: and Cc: are
sent to all recipients.

You as the sender can see the Bcc: line. You wrote it anyway.
But each recipient can only deduce that he's in the Bcc: line
from the fact that he isn't in the To: or Cc: line, but still
received the mail. He cannot know the other Bcc: recipients
though.

And this means that if one of the recipients gets infected by an
address spoofing worm or virus, all those other email addresses
are not at its disposal. Another reason is that some people may
not want their email address in too many address books, because
they don't want to receive more email from people they are not
interested in or they don't like.

This is not valid among a closely-knit group of people who have
all of each other's email addresses in their address books
anyway. Therefore I write trust member addresses into the To:
and Cc: lines. When it comes to writing to many outsiders
though, the rule should hold.

If you want the friendly group to see who else is on the list, Hans says it's best to do a global replace of the @ with something else, like a © or the €. Reason: the bots search the body of the message as well. Hans, for example, is very thorough and replaces the @'s in his websites as well.

In a follow-up response to the laments I have heard that doing all this is a huge pain, let me assure you that, depending on your mail client software, replying properly to a big list could be as few as half-dozen simple operations. In the offending mail:

(1) click Reply All;
(2) go to the big cc list that should have appeared in the new outgoing and select them all with <ctr>+a (<cmd>+a for Macs, of course);
(3) cut them all with <ctr>+x (you can also use mouse Right-click/Cut or Copy or Paste instead of the old-fashioned Control Key route);
(4) put your cursor in the bcc field and paste all the cut addresses with <ctr>+v.

You can then write and send the message to the same big list as bcc's. But, if you want also to let folks know who else was bcc'd, carry on with:

(5) put your cursor in the message where you want the bcc list and paste again with <ctr>+v (assuming you haven't done another <ctr>+c in the meanwhile);
(6) highlight the list with a two Left-clicks and then go to Edit/Find/Replace in the mail client and replace @ with €, $, or whatever. That's it. Send the mail safely.
(7) Note to Gmail (and probably other service) users: Gmail rejects lists -- even in bcc -- over 100 strong. So if you have a very long list of recipients, you'll have to send the message to blocks of 100 or less bcc recipients.

I admit that the last step takes about half a dozen mouse-clicks or keystrokes in Mac Mail. If your mail software doesn't allow replacing in a selection (as opposed to the whole of the message) or doesn't do replacing at all (like Outlook Express) you may have to do the replacement in PC Notepad or Mac TextEdit. Again about half a dozen moves and clicks. No big deal, especially in the knowledge that you are fighting spam.