Puzzled here. Any help appreciated.

Customer using DMS with GW 7.0.3. The library rights are specified
that both public and individual users /groups do not have "view"

So Users are able to create and see their own docs or docs that
are shared. If they search for a document say by # that someone
tells them, if they do not have any explicit rights they don't
even find the doc. No issue there, however if the creator emails
the document to them They are able to view and open (though they
cannot save changes and must "save as".

I find this a bit of a security risk as follows. I create a
document that I share with 3 people and one of those recipients is
named Carole for sake of argument. The organization has another
Carol however and I accidentally include the wrong Carol in the
To: list. So even though Carol has no view rights to the library
and I haven't given her view rights on the doc, she is able to see
the contents of the doc. When considering HR functions or other
sensitive matters the contents could inadvertently get into the
wrong hands. How to address?

Is this a bug in DMS or are we supposed to be handling