US-CERT Cyber Security Tip ST04-023 -- Understanding Your Computer: Email Clients

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                        Cyber Security Tip ST04-023
                Understanding Your Computer: Email Clients

   The main difference between email clients is the user interface. Regardless
   of which software you decide to use, follow good security practices when
   reading or sending email.

How do email clients work?

   Every email address has two basic parts: the user name and the domain name.
   When you are sending email to someone else, your domain's server has to
   communicate with your recipient's domain server.

   For example, let's assume that your email address is johndoe@xxxxxxxxxxx,
   and the person you are contacting is at janesmith@xxxxxxxxxxxxxxxxxxx In
   very  basic  terms, after you hit send, the server hosting your domain
   (example.com)  looks at the email address and then contacts the server
   hosting the recipient's domain (anotherexample.org) to let it know that it
   has a message for someone at that domain. Once the connection has been
   established, the server hosting the recipient's domain (anotherexample.org)
   then looks at the user name of the email address and routes the message to
   that account.

How many email clients are there?

   There are many different email clients and services, each with its own
   interface.  Some  are  web-based  applications,  some  are stand-alone
   applications installed directly on your computer, and some are text-based
   applications. There are also variations of many of these email clients that
   have been designed specifically for mobile devices such as cell phones.

How do you choose an email client?

   There is usually an email client included with the installation of your
   operating system, but many other alternatives are available. Be wary of
   "home-brewed" software, because it may not be as secure or reliable as
   software that is tested and actively maintained. Some of the factors to
   consider when deciding which email client best suits your needs include
     * security - Do you feel that your email program offers you the level of
       security you want for sending, receiving, and reading email messages?
       How does it handle attachments (see Using Caution with Email Attachments
       for more information)? If you are dealing with sensitive information, do
       you have the option of sending and receiving signed and/or encrypted
       messages  (see  Understanding Digital Signatures and Understanding
       Encryption for more information)?
     * privacy  - If you are using a web-based service, have you read its
       privacy policy (see Protecting Your Privacy for more information)? Do
       you know what information is being collected and who has access to it?
       Are  there  options for filtering spam (see Reducing Spam for more
       information)?
     * functionality - Does the software send, receive, and interpret email
       messages appropriately?
     * reliability - For web-based services, is the server reliable, or is your
       email frequently unavailable due to maintenance, security problems, a
       high volume of users, or other reasons?
     * availability - Do you need to be able to access your account from any
       computer?
     * ease of use - Are the menus and options easy to understand and use?
     * visual appeal - Do you find the interface appealing?

   Each email client may have a different way of organizing drafted, sent,
   saved, and deleted mail. Familiarize yourself with the software so that you
   can find and store messages easily, and so that you don't unintentionally
   lose messages. Once you have chosen the software you want to use for your
   email,  protect  yourself and your contacts by following good security
   practices (see US-CERT Cyber Security Tips for more information).

Can you have use more than one email client?

   You can have more than one email client, although you may have issues with
   compatibility.  Some email accounts, such as those issued through your
   internet service provider (ISP) or place of employment, are only accessible
   from a computer that has appropriate privileges and settings for you to
   access that account. You can use any stand-alone email client to read those
   messages, but if you have more than one client installed on your machine,
   you should choose one as your default. When you click an email link in a
   browser or email message, your computer will open that default email client
   that you chose.

   Most vendors give you the option to download their email software directly
   from their websites. Make sure to verify the authenticity of the site before
   downloading any files, and follow other good security practices, like using
   a firewall and keeping anti-virus software up to date, to further minimize
   risk (see Understanding Firewalls, Understanding Anti-Virus Software, and
   other US-CERT Cyber Security Tips for more information).

   You  can also maintain free email accounts through browser-based email
   clients  (e.g.,  Yahoo!,  Hotmail, Gmail) that you can access from any
   computer. Because these accounts are maintained directly on the vendors'
   servers, they don't interfere with other email accounts.
   _________________________________________________________________

   Author: Mindi McDowell
   _________________________________________________________________

   Produced 2004 by US-CERT, a government organization.

   Note: This tip was previously published and is being
   re-distributed to increase awareness.

   Terms of use

   http://www.us-cert.gov/legal.html

   This document can also be found at

   http://www.us-cert.gov/cas/tips/ST04-023.html

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit http://www.us-cert.gov/cas/signup.html.




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS7OnAD6pPKYJORa3AQLLqAf8Dq53MQMCsKIzppkyCr6ccoaM4wcVYNQ/
spFQDZTkOz5DdjVbLT3PXljghp4vDR6TEwfHQtiJF6Wuls42KLiZfr2IV/Yd3Sv0
zvGH04+08MvQDBtzXUmOjyBDQbmijOVnqcR2Q9fn4ywD3FlVAIq6C5g5QFhvad40
NpM72WsGF7u3Bh7G6CtMmrcY46KFw9lx8z4Zyp5qtuKbdsLLZvAG2z4RJVzpNNqz
KLMfPehVcLOR6Afl7GOd7Yzgryct3jcSOUm1FuIafYM46+hdnVfCcobzs4VVezG3
7hxWuDAmJFz6GRrN478b3G0lMpQWW+Ip753MqFchpZpwEf601Wfl4Q==
=2F6i
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux