Outlook & Outlook Express Email Security/Recovery

Interesting piece of information I came across regarding Outlook and Outlook Express. If you're trying to recover recently deleted emails it's great, from a security stand point of view it's not a very good thing. Most people are aware that when you delete a file it's not gone until it's overwritten by other data, in the case of Outlook and Outlook Express it doesn't remove them at all.

That is correct you could have "deleted" emails existing on your hard drive within files that could possibly exist forever depending on how much you use email. The basics are this, Outlook and Outlook Express store emails in a flat DB file as plain text. For example you could search your HDD for the file extension .pst(Outlook) or .dbx(Outlook Express). I'll concentrate on Outlook Express from here as I don't have Outlook. The .dbx files would be the folders used in Outlook Express, for example you would have one named inbox.bbx , outbox.bx etc. These files can be opened with a text editor like notepad.

When you delete a email in either of these applications the email is not removed from this file, it's marked somewhere as deleted and is simply hidden from view when you open the program. Now this makes for easy recovery if you accidentally delete an email and wish to get it back. If it's just one email you could open the .pst or .dbx file up in any text editor and just search the file for keyword/phrase such as the email address of who sent it. One thing to note is this isn't how you would normally see it as you'll get the source code.

Where the security issues come in are obvious, as I already mentioned most people are aware that data is not truly deleted until it is overwritten by other data but in this case since it still exists in a file that won't happen. For example if you went in and deleted all your emails and then used a disc wiping utility most people would expect that the emails would be getting wiped as well but they won't be because they still exist within the file.

Apparently when they are removed is when you compact them, yet another mystery solved for myself because I knew it didn't compress them. I'm not sure if performs any other tasks when you comapact but if it doesn't this button should be renamed "permanently delete" email from file system because that is in fact what it does. Once that is complete they will be removed and the space they occupied on disc will be free to be used for other data and eventually will be over written or you could use a disc wiping utility.

The problem does not stop there at least with Outlook Express, as a test I deleted about 1000 messages in a folder of emails I really didn't need. Attempting to compact produces no results and the file size remains unchanged. So after compacting which should remove them permanently from the file they still exist in the file. My only guess is OE has an internal threshold that the file must be and compacting only happens when it is met. It appears there is no way to manually delete an email from this file through OE. The next time I get prompted by OE to compact I'll let you know the results.

Very interesting and very alarming. More reason that people need to wipe their hard drives before putting their computers out for recycling and/or giving them away. I receive a lot of computers from individuals and companies that I am then able to recycle to needy people. I always use a low level disc wiping program (DOD) to ensure that their data can never be recovered.

For wiping you can use DBAN but that wipes everything including the OS. The trouble is a lot of these products only wipe free space.