|
|
By Hervey Allen (hervey@oregon.uoregon.edu)
Email correspondence via DARKWING and GLADSTONE is a little bit more secure now that Computing Center systems staff has tested and installed new encryption software on these systems.
The new software, known as SSL (Secure Socket Layer) can encrypt your username and password when you check your email and can also encrypt all your messages when you download them to a local machine (or when you read them using IMAP mode). This technique is formally known as POP over SSL or IMAP over SSL. (POP and IMAP are two methods your email client uses to connect with DARKWING or GLADSTONE when you read your email.)
How do POP and IMAP work? Generally speaking, POP (Post Office Protocol) physically transfers mail from the host to your machine, giving you the choice to leave a copy on the host as well. With IMAP (Internet Message Access Protocol), your email stays on the server and you read it (via your network connection) from your desktop machine. In both cases, your username and password are passed back to the host to verify your identity, after which the data for each message is sent to your machine.
How does Secure Socket Layer (SSL) encryption work? SSL takes your plain text data and scrambles it in such a way that it could not be read if someone were "listening" in on your session, or on the network in general.
The nice thing about this method is that it's virtually invisible. After you've configured your email client with SSL, you'll notice very little difference, except perhaps for a slight slowdown on modem connections.
Current versions of Outlook support both POP and IMAP over SSL, while Netscape's email client supports only IMAP over SSL. Eudora currently has no SSL support.
Outlook. In Outlook you can generally choose to use SSL by going to the Tools menu and opening "Accounts. . ." Click the Mail tab, highlight your email account, choose properties, and click the "Advanced" tab. Then check the box labeled, "This server requires a secure connection (SSL)."
Note: Exact menu placements of this option may vary between versions of Outlook.
Netscape. In Netscape, click on the Edit menu and open "Preferences. . ." Then go to the Mail & Newsgroups category and choose Mail Servers. Highlight the incoming mail server, click Edit, click the IMAP tab, and then check the box labeled, "Use secure connection (SSL)."
Note: These preferences are not available in Netscape if you're using POP mode to get your email.
I don't see these options. . .what now? If you don't see the options described above in your Outlook or Netscape email programs, you'll need to upgrade to a current version.
Port settings. We are using standard ports for both these services (995 for POP and 993 for SSL), so you do not need to change these settings in your email clients.
One thing to be aware of is that SSL does not encrypt email that you send out. However, the good news is that hackers are most often interested in surfing, and the most critical information is usually your username and password.
The only way to ensure that your email is encrypted from start to finish is to use something like PGP (Pretty Good Privacy). This method is a bit more involved.
If you're interested in using PGP, you can start reading about it on the International PGP web pages at http://www.pgpi.org/ Be sure to read the on-line FAQs (Frequently Asked Questions) files to get an understanding of how things work. You might also want to read PGP: Pretty Good Privacy by O'Reilly Associates for detailed information about the product. The book is available for checkout from the Documents Room (205 Computing Center). For a complete overview of the book, see http://www.oreilly.com/catalog/pgp/
If you have additional questions about how to use POP or IMAP over SSL, contact Microcomputer Services in Room 202 of the Computing Center (microhelp@oregon, 346-4412). The office is open Monday through Friday from 9am to 5pm.