[OT] gmail behaviour

Leland F. Jackson, CPA lelandj at mail.smvfp.com
Wed Feb 27 21:16:07 EST 2008


I've never used qMail, so I'm making some assumption here.  Perhaps this 
will help:

When you connect to your WebMail Server using https://, everything is 
encrypted including your user name and password.  When you connect to 
your WebMail Server using http:// everything is sent to your WebMail 
server in plain text.  The WebMail server is a middleman that brokers 
between your computer and the SMTP mail Server.  You can see the link at 
the bottom for more information:

#--------------------------------
Excerpt:

As a recipient, you can generally retrieve your email by either using a 
web-based interface known as "WebMail", or via an "email client" 
program, such as Microsoft Outlook or Eudora, running on your personal 
computer. The email client programs will talk directly to your email 
server and speak IMAP or POP. With WebMail, your computer will talk to a 
WebMail server using a web connection (speaking HTTP); the WebMail 
server will, in turn, talk to your email server using POP or IMAP.

*The Lack of Security in Email*

    * *WebMail*: If the connection to your WebMail server is "insecure"
      (i.e. the address is http:// and NOT https://), then all
      information including your username and password is not encrypted
      as it passes between the WebMail server and your computer.
    * *SMTP*: SMTP <http://luxsci.com/extranet/info/email-smtp.html>
      does not encrypt messages. All communications between SMTP servers
      send your messages in plain text for any eavesdropper to see.
      Additionally, if your email server requests that you send your
      username and password to "login" to the SMTP server in order to
      relay messages to other servers, then these are also sent in plain
      text, subject to eavesdropping. Finally, messages sent via SMTP
      include information about which computer they were sent from and
      what email program was used. This information, available to all
      recipients, may be a privacy concern.

http://www.google.com/search?q=https+for+email&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

or

http://preview.tinyurl.com/39kzc9

#--------------------------------------------

Regards,

LelandJ

Kay C Lan wrote:
> A couple of days ago I had gmail go all haywire on me. This was in FireFox,
> OSX.
>
> As a fall back I started up Safari and was able to access my account but
> noted that the URL was http: when I'm sure it used to be https:
>
> Since then I've gone back into FireFox, trashed the gmail cookie,
> reconnected to gmail and it's https:, whilst if I log in at the same time
> with Safari it's http:, in fact:
>
> FireFox: https://mail.google.com/mail/?shva=1#inbox
>
> Safari: http://mail.google.com/mail/#inbox
>
> What gives?
> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-revolution
>   




More information about the use-livecode mailing list