I'm using panda mail to chekc mail from one of the futurequest servers but i can't seem to be able to reply the mails that i receive....
Thanx
------------------

I just tested out PandaMail (http://www.pandamail.net ???), and sent myself a test message. Went fine.

Did you enter the name of your SMTP server? Panda Mail doesn't provide a SMTP server. You have to enter one, in the message composition window. At the top of the composition window, where they have all the fields like To:/From:/Cc<img src="http://www.aota.net/ubb/confuse.gif" alt=":/" width=15 height=15> and so one, one is for SMTP server. Did you fill that in with the name of your SMTP?

I had a look at PandaMail, presently at http://bstar.net/panda/, and have to ask why anybody would be willing to enter their userid, password, and server, into a webform. The thought of it causes security sirens to scream in my head. Name+server is usually a valid email addy which you've just offered up to who-knows-who; but an account access uid:pw ???

Telnet to Pine is my preferred remote access method, which is not available at this time for FQ; but the next possibility may be configuring a new browser profile for the purpose.

Or, I suppose if you're stuck you could change your password a _lot_ ;-}

Maynard, this is the way almost all sites that offer Web access to POP accounts work. I agree, it is sort of scary. But, that's how MollyMail, PandaMail, and all the other ones I've tried, work.

The best thing I've found, for now, is installing a private copy of MailReader.com on my own website. Now I don't have to worry about those type of security issues any more.

Entering your password into a web form is no less secure than using a POP client -- both involve sending passwords in the clear with no encryption (unless you've set up port forwarding or are using SecurePOP, which 99.9% of people don't do)... Unless you are also recommending not using standard POP, there's really no reason to recommend against using a web-based solution, unless you are implying that the people who run the site might by doing something with your information...

------------------
Justin Nelson
SFE Software (http://www.sfesoftware.com)

Yes POP passwords travel &quot;in the clear&quot; but usually from my machine to the host. Presuming no sniffers in between.

Using a webform passes the clear data through a third system, and its local network; furthermore, the data passes through this strange, untrusted, network _twice_ (in from you and out to pop).

In my cautious fashion, it's sort of like somebody offering to go to the bank for you and return all of your money or safe deposit contents to you, if you'll just give them everything they need to do it.

So if your hostname and uid:pw were to be [inadvertently] revealed to a third party, via any means, not just webmail poppers, couldn't that person even go so far as to spam happily through your account; gain access to your shell in many cases where different passwords aren't used; either now or way later?

I don't know about &quot;SecurePop&quot;, but I expect that it has the same deployment difficulties as SSH when used on some strangers machine (which it seems is the only reason to need something like webmail).

Anyway, on we go .....