Erasing email "deleted files"


New Member
Note: This applies to Outlook Express 6 / Windows XP

I noticed a few questions relating to the secure deletion of email in Outlook Express. It really is not that difficult, its just a matter of plowing your way through the long path.

If all mail you want securely erased is placed in the "DELETED ITEMS" folder, you then simply - erase the deleted items folder! That particular folder is an "OE system folder" which re-creates itself immediately upon deletion in Windows XP.

1. Make sure "Show all hidden files and folders is ticked." This is important to gain access to the proper .dbx file, as you must go through "Local Settings" which is hidden.

2. Your particular path may vary, but if youre operating in default modes you should find this path:

C:Documents and SettingsYour User Name HereLocal SettingsApplication DataIdentities{6EC0E25C-4D75-4F51-8B16-8E1424A70FCE}(Number of course will vary)MicrosoftOutlook ExpressDeleted Items.dbx

3. All mail in "Deleted Items" - erased to your set wiping specifications.

Good Luck!

Theres making a big assumption in the above post. The assumption is that when a user moves a message from one OE folder to another, that the content is actually securely wiped from the previous folders dbx file. Thats a pretty huge assumption, and given that Microsoft wrote the application (and that they consistently fail at creating secure applications), I would imagine it is an invalid assumption.

As a matter of fact, it would be a pretty safe bet that the messages you think are gone are still right there on your hard drive.
The best solution, if you are truly concerned about this type of thing, is to use a strongly-encrypted virtual volume, and to keep all of your OE files on it. (I am referring to the kind of functionality provided by utilities like SafeHouse, BestCrypt, and DriveCrypt.)

It really isnt hard once you have it set up (though, admittedly, it can be a real pain to initially set up). I have a 5-GB "data" volume which uses AES encryption. All of my email resides in this volume. At each boot, I have a simple batch file called which serves to mount the volume (after I supply the password, of course), and then launch my email client. There are a few other tricks, but that is the main idea behind it.
Scott - I have a spare 22GB partition that is hardly being used. So you say I can create a 5GB or so partition off of this and encrypt it? Im running Win XP. What would it take to move all my OE stuff from my XP root partition to the encrypted one?

Yes, that would be completely doable. What Id recommend is creating two encrypted volumes--one for your data, and another for a backup. Of course, the backup volume should be on a different drive (or on removable media).

What it would involve would be: (1) Installing the encrypted-volume utility (I use BestCrypt, but I leave it to you to find your own favorite utility); (2) Creating the encrypted volume file (and perhaps a second volume file for backup); (3) Mounting the new encrypted volume; (4) Going into OE and moving the store folder; and (5) Doing a free space wipe on the partition where the OE store folder used to be.

The OE help file explains how to move the store folder:

quote:To change the location of your message store:
1) On the Tools menu, click Options, click the Maintenance tab, and then click Store Folder.
2) Click Change, and then select a new folder for your message store.This of course assumes you have already formatted and mounted your encrypted volume (at which point it would have its own drive letter, and would appear as just another drive in My Computer or Explorer, ready to have files placed on it).

To backup your encrypted files, you can either back up the entire encrypted volume file (which is not usually the way to go), or you can create a secondary encrypted volume file (on a different physical drive!), and back up on a file-by-file basis. My preferred method is the latter; I mount both of my encrypted volumes, then I run a backup utility (SmartSync Pro) which copies files from the main encrypted volume to the backup encrypted volume. However, the utility doesnt copy everything, every time--rather, it only copies those files that have changed (this can be a huge time saver).

Another note: Some encrypted-volume utilities let you resize your volume files after initial creation, others dont (still others claim they give you the ability to do so, but are buggy and dont actually let you). In any case, try to choose a reasonable volume file size. For example, if your OE stores currently take up 200 MB, create a 1-GB volume file, not a 22-GB volume file.
Scott - I spent last evening mulling over my OE situation. What I did was create a new small partition and moved over all the OE and Outlook e-mail files for me and the rest of my family. (Moving my Outlook .pst file was a slight pain.) It was fun having 8 users to move. I also set MSIE to write its cache to the same partition for all 8 users. Although I didnt set up encryption due to lack of $$$s to buy a good encryption program I now have a small partition where I can easily manage this stuff and run ERASER over it in just a few minutes.

BTW, do you know a way for me to move my MSIE cookie and MSIE history files from their current location over to my new partition? I couldnt find a way to do this. If there are options to do this then theyre buried somewhere deep in MSIE. Im running WinXP Professional with 8 users.

Again, thanks for the useful tips.
You should be able to move History and Cookies for your own profile by modifying the applicable "Cookies" and "History" registry values under these keys:

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell Folders

If you log in with administrative rights, you can also change the corresponding values for your other users. These values would appear under:

HKEY_USERS[user string]SoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell Folders

Please note that I have personally never made this registry change, so I cannot vouch for how (or whether) it will work for you.

I do know that your current folder contents will (of course) not be moved automatically, and that a reboot is required.
DOH! - Just minutes after I sent my question I remembered back in my old Win98 days I had some .REG files that did this. I saved copies of my cookies, history and favorites, ran the .REGs, rebooted, populated the new folders with my saved copies and deleted the old folders.

I dont know why Mr. Gates made some things so hard to do.