US-CERT Cyber Security Tip ST04-023 -- Understanding Your Computer: Email Clients

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                    Cyber Security Tip ST04-023
              Understanding Your Computer: Email Clients

   The main difference between email clients is the user interface.
   Regardless of which software you decide to use, follow good security
   practices when reading or sending email.

How do email clients work?

   Every email address has two basic parts: the user name and the domain
   name. When you are sending email to someone else, your domain's server
   has to communicate with your recipient's domain server.

   For example, let's assume that your email address is
   johndoe@xxxxxxxxxxx, and the person you are contacting is at
   janesmith@xxxxxxxxxxxxxxxxxxx In very basic terms, after you hit send,
   the server hosting your domain (example.com) looks at the email
   address and then contacts the server hosting the recipient's domain
   (anotherexample.org) to let it know that it has a message for someone
   at that domain. Once the connection has been established, the server
   hosting the recipient's domain (anotherexample.org) then looks at the
   user name of the email address and routes the message to that account.

How many email clients are there?

   There are many different email clients and services, each with its own
   interface. Some are web-based, some are stand-alone graphics-based,
   and some are text-based. The following are some well-known email
   programs:
   Web-based

     * Hotmail
     * Yahoo! Mail

   Stand-alone graphics-based
     * Eudora
     * Mulberry
     * Outlook and Outlook Express
     * Pegasus
     * Thunderbird

   Text-based
     * Pine

How do you choose an email client?

   There is usually an email client included with the installation of
   your operating system, but many other alternatives are available. Be
   wary of "home-brewed" software, because it may not be as secure or
   reliable as software that is tested and actively maintained. Some of
   the factors to consider when deciding which email client best suits
   your needs include
     * security - Do you feel that your email program offers you the
       level of security you want for sending, receiving, and reading
       email messages? How does it handle attachments? If you are dealing
       with sensitive information, do you have the option of sending and
       receiving signed and/or encrypted messages?
     * privacy - If you are using a web-based service, have you read its
       privacy policy? Do you know what information is being collected
       and who has access to it? Are there options for filtering spam?
     * functionality - Does the software send, receive, and interpret
       email messages appropriately?
     * reliability - For web-based services, is the server reliable, or
       is your email frequently unavailable due to maintenance, security
       problems, a high volume of users, or other reasons?
     * availability - Do you need to be able to access your account from
       any computer?
     * ease of use - Are the menus and options easy to understand and
       use?
     * visual appeal - Do you find the interface appealing?

   Each email client may have a different way of organizing drafted,
   sent, saved, and deleted mail. Familiarize yourself with the software
   so that you can find and store messages easily, and so that you don't
   unintentionally lose messages. Once you have chosen the software you
   want to use for your email, protect yourself and your contacts by
   following good security practices.

Can you have use more than one email client?

   You can have more than one email client, although you may have issues
   with compatibility. Some email accounts, such as those issued through
   your internet service provider (ISP) or place of employment, are only
   accessible from a computer that has appropriate privileges and
   settings for you to access that account. You can use any stand-alone
   email client to read those messages, but if you have more than one
   client installed on your machine, you should choose one as your
   default. When you click an email link in a browser or email message,
   your computer will open that default email client that you chose.

   Most vendors give you the option to download their email software
   directly from their web sites. Make sure to verify the authenticity of
   the site before downloading any files, and follow other good security
   practices, like keeping anti-virus software up to date, to further
   minimize risk.

   You can also maintain free email accounts through browser-based email
   clients (e.g., Yahoo!, Hotmail) that you can access from any computer.
   Because these accounts are maintained directly on the vendors'
   servers, they don't interfere with other email accounts.
     _________________________________________________________________

     Author: Mindi McDowell
     _________________________________________________________________

    This document can also be found at
 
    <http://www.us-cert.gov/cas/tips/ST04-023.html>

    Copyright 2004 Carnegie Mellon University

    Terms of use

    <http://www.us-cert.gov/legal.html>


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQa4UihhoSezw4YfQAQJbogf8DKoQ6xMTuc8rakOLOyNTX8Z/behMqYkC
ikPkooK3+oa23rnHy2Pj6zlS5CCrv7cxQt68YTWNn8LXAIX1SNPujXDZgIkjPfYr
ucC/58PV4LNrSlNntrG+5qO2WNIIBAkHspuYMFwuxGxjYRb8KleDiJztnpHgEb0I
a4aQryVIenaqj6L54hNe8dQopbhvtgBVCurnkob+X0nE5S4RMSa6ij6Tfu/PCAD+
dRN6uMxSqHDB9FSkjSG6CFNK0YIAk3ltEi3jA58bJ4J/mmTll3fWd+IMHBVfvKIH
yAEo0Lr7TxGAUHtbvrMUW57avAFD+dNGzJ9cj6pWRlDdIG28HG5m7Q==
=IYqE
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux