Fuddland
Filed under “I shoulda sorted this out ages ago but it became a priority for me so I finally got around to doing it” was finding an easy way to guarantee that I’m always sending emails over a secure connection, regardless of how I’m connected to the network [whether directly dialled-up to my ISP, plugged in to someone else’s network, or over an unsecure wireless connection].
Perhaps it’s not common knowledge, but generally, when connecting to one’s email service provider using a client such as Thunderbird, Eudora or Outlook, the usual and default set-up is to send the username and password in plain, unencrypted form — anyone listening-in could simply read off your details and have complete access to your account. This is very Not a Good Thing. So the ability to always guarantee a secure connection, at least when sending messages, is quite a handy thing to have.
Why can’t you rely on your own ISP to provide you with a secure connection when sending emails? Most ISPs claim that sending is “secure” because you can only send messages via their [SMTP] servers if you have connected directly to them. But this is no use whatsoever if you’re not dialled-up to them, such as on an unsecure wireless connection, but you still want to send emails.
My solution: use Google’s secure Gmail server. All you need is a Gmail account and to be using an email client capable of establishing secure connections — Opera’s M2 mail offers this facility, as do Thunderbird and Outlook, and probably almost every other modern piece of email software. [It might be called “SSL” or “TLS”, or just a plain old “secure connection” in the settings.]
Sign up for a new Gmail account to be associated with your email address — for example, if your email address is foo@account.com, then you might sign up for fooaccount@gmail.com, or whatever Gmail username you like. Even if you already have a Gmail account, it’s worth signing up for a second one solely for this purpose. Since Gmail is still in invitation-only beta, if you don’t already have a Gmail account from which you can invite yourself, you’ll need to find someone else who has one and is willing to invite you to join, so go outside and throw a rock into a crowded street, it’s sure to hit someone with an account.
Once you’re signed up, or willing to use your pre-existing Gmail account, go to the Gmail Account settings and, under “Add another email address”, enter your usual email address, and instruct Gmail to use this as the default address. This ensures that, when using Google’s server to send a message, it looks to the recipient as though it has been sent from your usual email address, not your Gmail address.
Now open your email software and change the relevant account’s SMTP settings to the following:
SMTP server: smtp.googlemail.com
Port: 465 [you can also use 587]
Use your full Gmail address for the username [i.e. including the @gmail.com], use the Gmail account’s password for the password, and be sure to tick the “Use a secure connection” box. [More detailed, client-specific explanations of how to configure the SMTP settings can be found in Gmail’s Help Center.]
There you have it — a secure way of sending emails — and there’s an added bonus of having all sent items archived in the Gmail account’s folders as well as your email client’s; a free, automatic back-up service. Receiving emails securely, however, all depends on whether your email provider has enabled support for secure connections. Alternatively you may be able to arrange for all your messages to be automatically forwarded to your Gmail address and connect securely to that via POP, which again is a matter for you and your email provider. [C’mon, I can’t do everything for you.]
[I should add that I’m still not entirely clear if it’s the entire session that is encrypted or just the username and password, although I’m assuming it’s the former. There are alternative methods, such as those described in Stopdesign’s “Secure wireless email on Mac OS X” entry, but to be honest I found them all a little confusing and jargon-rich, and the above method was simpler for me to figure out.]
Comments
Gordon | 2006 / 03 / 08 – 18:22
Ohh handy. And yes, this is on my ‘to do’ list as well as swapping to GMail for ALL my email accounts (well.. three of them). Cheers.
*adds to del.icio.us*
David | 2006 / 03 / 13 – 15:03
Re #1: Cool, let me know if it works okay for you too.
Commenting Closed
Commenting on this post is closed. Thanks to all those who left comments. If you'd still like to say something about this entry, feel free to email me.
