Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

Looking for a web based mail client

Aug 10, 2013 1:51AM PDT

After recent changes to my microsoft account replacing hotmail with outlook, and since google reads everyone's gmail, and after recent changes to my ISP provided webmail, I'm looking for a web based mail program that I can access pop3/stmp servers without having to use the microsoft / google / optimum.net webmail programs. The goal is to access my e-mail without ever having to go on a microsoft / google / optimum.net website ever again.

Any suggestions?

Discussion is locked

- Collapse -
Clarification Request
Wait. What makes you think that all email is not read?
Aug 10, 2013 2:01AM PDT

Email is for all intent as secure as a postcard in the mail. So if you want to use secure email you have to forget web based mail since over the internet it's plain text HTML to your web browser.

I suggest you do more research and if you must have secure communication look at PGP GPG and things like Hushmail.
Bob

- Collapse -
You're right!
Aug 10, 2013 2:32AM PDT

I agree that the web is inherently insecure. That said, to me there's a difference between the inherent lack of security of web based e-mail and service providers making it worse. That's why I refuse to use gmail, because google systematically reads the mail of their own subscribers. They say it's for targeted advertizing, I say it's an invasion of privacy. Since I can't stop them from doing that I choose not to use it. P.S., I also turn off google location services on my phone unless I want to use maps or gps. Google doesn't need to know where I am at all times. I don't have any game consoles with cameras or smart tvs, either, because I don't like people spying on me.

Of course with the recent disclosures about NSA programs, there's a good chance my mail will be read even if I use Office Outlook or Outlook Express, i.e. conventional mail client. I thought about hosting my own mail server - the goal is to make it as difficult as possible for people other than an intended recipient reading my mail, and to reduce attack vectors available to potential hackers.

I am researching this now (hence my forum question) and your suggestions sound interesting. I'll look into them

- Collapse -
Odd. Hosting your own is still open to reading.
Aug 10, 2013 2:37AM PDT

POP/SMTP/IMAP all use a plain text transfer so if reading your (remember the postcard?) email is the issue, you would not do this.

Again, nod to the PGP, GPG, Hushmail and such.

HOWEVER as this is much like the cone of silence, I wonder if you'll find many to send you the encrypted email.
Bob

- Collapse -
Answer
(NT) Why not use your ISP's webmail?
Aug 10, 2013 1:53AM PDT
- Collapse -
My ISP just changed their website
Aug 10, 2013 2:09AM PDT

My ISP just rolled out a new and improved (according to them) website, that 1) links all my account information, and 2) doesn't automatically log me out if I close the webpage. I learned this the hard way, I closed my webmail at work, and when I got home and went to log on, I already was! All my accounts are linked and there's stuff open and running in the background that I didn't open, so if I get hacked the hacker has access to everything, not just the point of attack. That's the same reason I stopped using microsoft webmail, open 1 program and you are automatically logged on to all the programs, so skype, cloud, whatever - are all open and running in the background. I consider that a major security issue. So I'm looking for a way to access their mail servers without having to use their programs or websites, so I can control what's open and the logoff protocols.

Plus, seems like everyone is trying to copy the iphone and windows phone look with interactive tiles - not for me, I just want to use my e-mail.

- Collapse -
It sounds like you want an E-mail client
Aug 10, 2013 3:17AM PDT

Have you considered an E-mail client like MS Office Outlook, Windows Live Mail, or Thunderbird? That sounds like exactly what you need. They're not webmail, but they access your email's server, download your email to your computer, then log off the server. You can control how long the server retains your email.

- Collapse -
Trying to have my cake and eat it too
Aug 10, 2013 3:26AM PDT

I used to use a mail client (Office Outlook) but switched to web based because I can access from multiple computers

- Collapse -
If you set your email client to leave msgs on server
Aug 10, 2013 6:15AM PDT

If you set your email client to leave msgs on server, you can access them from multiple places. You just set the box that says leave messages on the server. You can tell it how many days you want them to stay there and you can set it to delete them from the server when you delete them from your computer. I don't know why that would be any less secure than webmail. You'd just have to delete anything on your computer you didn't want others to see if your computer could be accessed by someone else.
Of course if your employer has rules against email clients, that would be another consideration, but you didn't mention that. I don't know what kind of security you're dealing with, but I know how security can be a royal pain. Sad Necessary often, but still a PITA.`
Good luck.

- Collapse -
Been there, done that
Aug 10, 2013 6:53AM PDT

I'm familiar with setting the mail client to store messages on the server, but thanks for the suggestion.

I guess I should clarify, there are actually 2 problems I'm trying to address. 1 problem is I want to access my mail without automatically opening all the other programs that are linked to my mail program. The other problem is I want to be logged off when I close the web page, if I forget to log off manually. The reason is, I believe linked programs that are open and running in the background provide more attack vectors for potential hackers.

When microsoft launched outlook webmail I quickly realized that if I didn't log off manually, all the linked programs would continue running in the background. I posted a comment to an article on MSN, which required me to log onto my microsoft account. A short time later I launched outlook webmail and lo and behold, I was already logged on, even though outlook wasn't open at the time of the post.

- Collapse -
Re: access mail
Aug 10, 2013 7:10AM PDT

Can you elaborate a little bit?

If your mail program is, say, Firefox (just a browser to read your webmail), what do you mean with programs that are linked to it. What's a "program linked to Firefox" and how is it related to the webpage that is open in one of it's tabs (say, your inbox or a mail you read)?

On what webpage would you want to activate that automatic logoff when it closes? Each seperate e-mail you read or write, your inbox, your sent-items box, your recycle bin?

Kees

- Collapse -
Try this
Aug 11, 2013 1:15AM PDT

Do you have a Microsoft outlook webmail account?
Go to MSN.com. Click the link at the top of the page and open outlook.com - log on.
Close the outlook browser window without logging off.
Go back to the MSN home page, and click the link for outlook.com again - you will still be logged on.

So what I'm saying is when you close the outlook.com webpage you should automatically be logged off of your mail account. That's how it used to work in hotmail, before Microsoft "upgraded".

- Collapse -
Re: logged on
Aug 11, 2013 5:00AM PDT

I think they use a cookie for that. If there's no option like "keep me logged in" to turn off, just use 'Private mode'. All history is gone then if you close the window or the browser.

Most people like this use of cookies (like I logon automatically in these forums). But if you don't, that's how it can be circumvented.

Kees

- Collapse -
It's more involved than that
Aug 14, 2013 5:32AM PDT

I find it interesting that when I log in to Cnet.com the dialog box is set to automatically remember my username and password, meanwhile Cnet security and privacy articles always say to improve security and reduce the possibility of data theft set your computer to not automatically remember passwords. If you choose to store passwords on your computer to save 10 seconds during the log on, that's up to you - I will never do that.

I think the problem is more involved that browser cookies. The other day I read an article on MSN.com and I wanted to post a comment, so I logged onto my Live account. I posted my comment and closed the web page. Then I went to the MSN home page, and my e-mail account was open and running in the background, when I clicked the link for outlook.com my mailbox opened without having to log in.
So, clearly when you log on to 1 of your Microsoft accounts you are automatically logged on to all of them - even if you have no browser running or MSN webpage open at the time. If you close the page where you logged on, the linked accounts do not close, they remain open and running in the background. I consider that a major security risk.

- Collapse -
To explain MSFT, we have to know about
Aug 14, 2013 5:39AM PDT

Long ago MSFT adopted an idea of "single sign on." Today you find folk debate if that is a security risk. Remember you control your account sign on in Windows. And you control if your file system is secured better than normal (remember BitLocker?)

Most of this is history, well discussed but some don't remember or know how we got here.
Bob

- Collapse -
Answer
That's the dilemma
Aug 10, 2013 3:53AM PDT

Right again, if I lock it down too tight then no one can read my mail because there won't be any.

If I host my own, at least I can control what programs open when I log in. But please clarify - hosting my own is subject to reading - where, and by whom?

- Collapse -
And if you host your own, then because of how email relays
Aug 10, 2013 4:00AM PDT

It's in plain text on any relay along the way. This is why we use an end to end encrypting client PGP, GPG, Hushmail or such if we want to lock it up.

Sorry but give yourself time to do the research. It's all out there.
Bob

- Collapse -
Thanks for the feedback
Aug 10, 2013 4:38AM PDT

Just starting to look into this, I figured a tech forum would be a good place to start, and get ideas from people who know more about it than I do.

Sounds like it won't be easy to achieve a good balance between privacy and security vs. functionality.

- Collapse -
I agree.
Aug 10, 2013 5:52AM PDT

It's where to start. But it's not the end either. Some members feel that others should copy in web content, but for me that would flood the forum with text and not get down to the meat of the discussion.

For now my advice is not send email, as in a message in the usual email system with anything you would need more security than a post card in the mail.
Bob