When using the Symantec Messaging Gateway (SMG) address masquerade feature, when a message is delivered outbound to and external domain, recipients at the masqueraded internal domain which appear in the CC: field do not have their addresses masqueraded as expected. This can expose information on the internal domain structure that address masquerade is intended to obscure as well as potentially causing issues with replies to messages with unmasqueraded recipients.
The address masquerade is not being applied to all recipient fields in outbound messages. Messages are delivered as expected but carbon comied recipients are unmodified.
This issue has been addressed with the SMG v10.0.2 release. SMG 10.0.2 and greater masquerades the following headers as expected: