Enforce Email Privacy Settings Control
Control Name
Email Security - Deliverability (Select 'Enforce Email Privacy Settings')
Control Overview
Organization‑level setting that enforces strict email‑privacy behavior for Salesforce‑sent messages, limiting exposure of internal addressing and metadata that could aid phishing or social‑engineering attacks.
Description
When enabled, Salesforce enforces email‑privacy behaviors such as hiding BCC recipients, limiting directory‑based recipient lookups, and reducing the visibility of internal user details in email metadata, so that external recipients cannot easily infer the internal org structure or user relationships.
Recommended Configuration
Select 'Enforce Email Privacy Settings' under Setup > Email Administration > Deliverability (or Email Security).
Security Impact
Reduces the amount of internal company information exposed through email headers and recipient handling, making it harder for attackers to craft targeted spear‑phishing campaigns or to map internal user relationships.
Business Impact
Supports compliance and internal‑communication‑privacy expectations without significantly changing the core user‑facing email workflow; mainly affects how internal recipients are represented in message metadata.
Security Risk If Not Configured
Leaving email‑privacy and protection settings disabled allows more internal metadata and addressing details to leak to external recipients, increasing the information available to attackers.
Threat Scenarios
Significant risk of reduced protection against spoofing, allowing malicious emails to reach inboxes disguised as legitimate communications. For example, an attacker can use exposed internal‑group‑membership or BCC information to craft highly targeted phishing emails that appear to come from trusted internal senders.
Estimated CVSS Score Range
Critical (9.0–10.0).
Risk Impact Considerations
The impact is highest when Salesforce is used to send email to external parties from shared mailboxes or distribution‑style users, and when those users have broad internal‑group or BCC visibility.
Higher Risk When
You send outbound emails to customers, partners, or prospects from roles with broad internal visibility (for example, shared‑support or sales‑ops users), and the company is subject to strict data‑privacy or email‑handling requirements.
Low Risk When
Most email traffic is internal, or external email is routed through a separate, tightly controlled email gateway that already enforces similar privacy controls.
Business and Integration Considerations
A must‑have for any org that sends email to external parties. Test with a small user group first to confirm that necessary workflows (for example, internal notification patterns) are not disrupted.
Security Health Review Guidance
Must‑have.
Who Is Impacted
Users who send outbound email from Salesforce, system administrators, email‑security and compliance teams, and external recipients who receive Salesforce‑originated messages.