[FQuest Announce] - Secure Email Protocols Now Available

[Bob]

In addition to the recent announcements for Secure QuestMail access and Secure CNC access, FutureQuest is pleased to announce secure options for accessing your email by POP3 or IMAP, as well as a secure option for sending email by SMTP.

The new Secure Email Protocols are available now!

POP3 over SSL (or POP3S) uses port 995
SMTP over SSL (or SMTPS) uses port 465
IMAP over SSL (or IMAPS) uses port 993

The traditional email services, which include POP3, IMAP and SMTP, remain available on their usual ports. If you make no changes to your email settings your email will continue to function as you are accustomed to it functioning.

For those of you who would like to take advantage of the new secure protocols you may find that your existing email client already provides an option for enabling this feature. Although FutureQuest cannot directly support the configuration of third-party software, such as email clients or IMAP, here are some configuration guidelines to use the secure protocols:

• You should continue to use the same server/host name settings.
  If your domain is example.com, then the server name settings are:
  POP3 Host: pop.example.com
  SMTP Host: mail.example.com
  IMAP Host: pop.example.com
  
  
• Look for the configuration panel for secure options under a tab such as "Advanced" or "Secure" within the Account or Server properties section of your email client.
  
  
• If the email client offers a choice of encryption methods, choose SSL.
  The STARTTLS method is NOT supported.
  
  
• Some email clients will automatically choose the correct port numbers. However, some clients require the port numbers to be manually entered. Please refer to the port numbers listed at the top of this announcement.

For additional assistance in configuring your email client to use secure access, you should contact the email client's support providers. We also encourage you to post questions and solutions within these forums so that others using the same email client may provide tips/suggestions as well as learn from the knowledge you share.

A note about certificate warnings:
The certificate that is used to accomplish the necessary SSL encryption for the email protocols is issued to Secure.FutureQuest.net. Some email clients will issue a warning each time you connect because the domain name does not match your own, some will issue a warning only the first time you connect after starting your email program, while others have an option to always accept the certificate. This behavior varies from email client to email client, and is not under FutureQuest's control.

FutureQuest is pleased to offer you the choice between traditional email access methods or secure email access methods. There are no extra fees for either type of email access. We simply hope this further empowers you to work with your email options in the way that suits your requirements best

From yours truly
The FutureQuest Team
-

[cjcox]

Thanks terra, deb (and everyone at fq)!

I love you all (even when I get real whiny)!

[hobbes]

-- oops, scratch that last one --

[Tom]

Very interesting and it was a snap to set it up (I do get the warnings).

Question: What are the security concerns in e-mail that would lead someone to using SSL for their e-mail? Are non-secure e-mails at risk that I've been unaware of until now? (I get it when using public WiFi for e-mail)

(If this needs to move to another location, feel free to move my question.)

[tril]

Excellent!

Anyone know of a way to get fetchmail to stop crying about the certificate domain?

[dank]

It would appear The Bat! (v2.x) is among those clients unable to work with the non-matching domain, unless I've got an option somewhere to turn off that lockout...

Dan

[Velimir]

weeeheeeee



Thank you!
Regards,
vee

[Wassercrats]

I think I'd prefer an email client that gives you security warnings about the domains not matching. It sounds like if you want a secure connection and you get the warning then you have to look into things unless you trust the email host. If you configure your email client for secure email and get no warnings, you know you're safe.

[rb]

Quote:

Originally Posted by Tom

Very interesting and it was a snap to set it up (I do get the warnings).

Question: What are the security concerns in e-mail that would lead someone to using SSL for their e-mail? Are non-secure e-mails at risk that I've been unaware of until now? (I get it when using public WiFi for e-mail)

(If this needs to move to another location, feel free to move my question.)

Anyone who can see your network traffic, such as anyone within range on a unencrypted WiFi network, or a sysadmin for your LAN, can easily capture your user name and password for email unless you use this new protocol, or port forwarding with an SSH client such as Putty.

I have been using Putty for a long time, but it's inconvenient to start a seperate program, so this new service is appreciated.

[Wassercrats]

Quote:

Look for the configuration panel for secure options under a tab such as "Advanced" or "Secure" within the Account or Server properties section of your email client.

In Outlook Express, I think you check "This server requires a secure connection (SSL)" under Advanced, not under Security. To be exact, you go to Tools > Accounts > [the email account to configure] > Properties > Advanced. But there's no lock or anything anywhere, so I could only assume it's working.

...I mean as opposed to being sure.