There's an easy solution to this, but something that will require some attention is that there would be a public record of a message being sent between two addresses. It's semi-public.
This would be ok. Keep it simple IMO. Make it usable and reliable. In the future you could add more complicated solutions
