2
Gmail reveals addresses in BCC field
Question asked by Robert Mathias - 11/22/2021 at 10:50 AM
Unanswered
If you send an email and list recipients in the BCC field then only the sender should be able to see the BCC recipients.

If the BCC recipients are a mixture of Gmail accounts and non-Gmail then the non-Gmail accounts do not see the BCC lists, which is correct. However, any recipient that is a Gmail account can see the full BCC list.

This is not only wrong, but a breach of GDPR as private email addresses are shared with people who are not entitled to see them. This little-known “feature” of Gmail appears to go back to at least 2014.

Is there any way SmarterMail could handle this other than using a mailing list?

5 Replies

1
Matt Petty Replied
Employee Post
We do this stripping of BCC while it's in the spool before it's sent. Are you sure these messages came from us?

It's the responsibility of the sender to strip the BCC header right before it is transmitted to the recipient SMTP server. Our spool does this; however, seeing messages in a Gmail account with this problem could mean they came from a source that wasn't us or used a mechanism of ours that would bypass the BCC removal logic. If SmarterMail transmitted the emails you're seeing in the Gmail account then it might need to be looked into as a bug. Is this your case?
Matt Petty Senior Software Developer SmarterTools Inc. www.smartertools.com
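The header-stripping step described in the reply above, as an added Python sketch that is not SmarterMail's code: the envelope recipient list is built from To, Cc and Bcc, and the Bcc header is deleted before the message goes on the wire. The function names `prepare_for_relay` and `leaked_bcc` are hypothetical and the sample message is constructed; `leaked_bcc` can be run over a received message's raw source to check whether the sending server left the header in place.

```python
from email import message_from_string, policy
from email.utils import getaddresses

# Constructed sample: the message as a client submits it (placeholder addresses).
SUBMITTED = """\
From: sender@example.org
To: example@gmail.com
Bcc: example@hotmail.com, example@example.com
Subject: Quarterly update

Hello
"""


def _addresses(msg, header_names):
    """Collect bare addresses from every occurrence of the named headers."""
    values = []
    for name in header_names:
        values.extend(str(v) for v in msg.get_all(name, []))
    return [addr for _, addr in getaddresses(values) if addr]


def prepare_for_relay(raw):
    """Return (envelope_recipients, wire_message) with Bcc headers removed."""
    msg = message_from_string(raw, policy=policy.default)
    # Envelope recipients (SMTP RCPT TO) come from To, Cc and Bcc alike.
    rcpts = _addresses(msg, ("To", "Cc", "Bcc"))
    # Deleting by name removes every occurrence and is a no-op if absent.
    for name in ("Bcc", "Resent-Bcc"):
        del msg[name]
    return rcpts, msg.as_string()


def leaked_bcc(raw_received):
    """Audit helper: addresses exposed in a Bcc header of a received message."""
    msg = message_from_string(raw_received, policy=policy.default)
    return _addresses(msg, ("Bcc",))


if __name__ == "__main__":
    rcpts, wire = prepare_for_relay(SUBMITTED)
    print("RCPT TO:", rcpts)
    print("Bcc exposed before stripping:", leaked_bcc(SUBMITTED))
    print("Bcc exposed on the wire:", leaked_bcc(wire))
```
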
0
Robert Mathias Replied
Hi Matt - I see what you mean. However, I have tested this on two separate SM servers by sending emails to myself and including both my Gmail and Outlook accounts in the BCC. When I view the email in my Gmail account the addresses are shown in the BCC. Not so in Outlook or SM.

One of our clients brought this to our attention as a (Gmail) recipient of one of their emails could see all the recipients in the BCC field.
1
Matt Petty Replied
Employee Post
I just did a test from SM webmail where I composed an email TO "example@gmail.com" with BCC "example@hotmail.com" and "example@example.com". When viewing the message in Gmail I do not see the BCC. I'd try to figure out how these messages are getting to your user. It's not the software's responsibility to hide BCC; it's the sender's server's responsibility to not even include it. The fact you're able to see it in Google means whoever sent TO Google is NOT stripping BCC.
Matt Petty Senior Software Developer SmarterTools Inc. www.smartertools.com
0
Robert Mathias Replied
Hi Matt - I'll open a support ticket so I can send you details. I also need to run some more tests here.
Thanks for your input!
0
Kyle Kerst Replied
Employee Post
I tested this as well following a scenario similar to Robert's, but was not able to replicate. As part of the ticket handling I'm seeking access to logs/configuration so we can take another look. Will report back once we narrow it down. Thanks Robert!
Kyle Kerst IT Coordinator SmarterTools Inc. www.smartertools.com