When sending a Secure Message, you have a list of available Access Permissions:
The default values and available options can be configured on a per group basis as outlined in Secure Message Overview.
If Authentication is required to access the message/download or not.
Enabling Authentication when sending a Secure Message does two things — first, it requires that whomever is accessing this message requires authentication. The other is that when someone authenticates, we know who they are. Without authentication, LiquidFiles don't know who has accessed the message and can for instance not send as detailed access/download receipt as with authentication. With authentication, LiquidFiles can enforce expires after limits to a certain number of downloads per recipient. Without authentication, LiquidFiles cannot restrict per recipient because its not possible to know who accessed the page.
When authentication is enabled and LiquidFiles knows who has accessed the message, we can further restrict or ease the restrictions of who can access the message and download attached files.
If you send a message to email@example.com, only this particular recipient will be able to access the message. This is the default setting and the most restrictive.
Recipient + Locals
With Recipients + Locals, all specified recipients and all Local Users will be able to access the message.
Recipient + Domains
With Recipients + Domains, all specified recipients and any user in any recipient domain will be able to access the message. If for instance you send a Secure Message to firstname.lastname@example.org then email@example.com will also be able to access the message but not firstname.lastname@example.org.
Anyone (Secret Link) with Authentication
We put (Secret Link) in the label because there was a lot of confusion what Anyone meant. A lot of people wronly assumed that by sending a Secure Message without Access restrictions, it somehow meant that the entire Internet immediately got access to the message and there was no security what so ever. What it actually means is that there is a randomized Secure Message ID that is not possible to guess and in order to access the Secure Message, anyone that wants to access this message needs to know (having been sent) the Secure Message ID.
One way this can for instance be used is to send marketing materials where don't know who's going to access this, but you still require authentication so you will get a Download Receipt with email address and so on.
Anyone (Secret Link) No Authentication
Very similar to Anyone (Secret) Link — there's still a randomized Secure Message ID and just because there's no access restriction it doesn't mean that anyone can accesses the Secure Message. Without knowing (having been sent) the randomized Secure Message ID, it won't be possible for anyone to access the message.
Anyone that does though have access to the Secure Message ID will be able to access the message and will not be prompted to authenticate.
About "Forwarding" the Secure Message email
When you send a Secure Message, there's a statement that the Secure Message can't be forwarded. Some people read that as there's something in the email that prevents someone from clicking the "Forward" button in their email client.
What it actually means is that if you forward the email with the Secure Message ID to someone else, they won't be able to access it.
If what you want is to make the body of the Secure Message private, you will need to send the Secure Message as a Private message.