dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
904

Astyanax
Premium Member
join:2002-11-14
Melbourne, FL
·AT&T FTTP

1 edit

Astyanax

Premium Member

More "exciting" POP E-mail Upgrades?

I guess we're in for some more "exciting" POP e-mail upgrades:

Hello Road Runner Email Friend:

We want to make you aware that we are upgrading our email server over the next few days. These changes pave the way for exciting new features and better performance and reliability in your email. The majority of customers will have no impact at all but we want to make you aware of a few items.
1. Before the upgrade begins on Tuesday:
If you use Road Runner email on your mobile phone, some users have seen emails that have been deleted in the past reappear in the inbox after the upgrade. We’ve detailed below how you can prevent this. If you do not make the changes before the upgrade this week, or choose not to make the changes and end up with duplicate emails, you can delete the duplicates at your convenience.

iPhone Settings:
o Select the Settings icon
o Select “Mail, Contacts, Calendars”
o Select your RR mail account
o Select “Advanced”
o Under the “Deleted Messages” category, select the “Remove” option
o If there is a check mark next to the “Never” item, select another period of time other than “Never.” This will prevent duplicates from showing up in your inbox
Android Settings:
o Select the “Settings” icon
o Select your RR email account under the “Accounts” category
o Select “Account settings”
o Select the RR email you want to update
o Under “Server Settings,” select “Incoming Settings”
o When you see the “Delete email from server” category, select the “When I delete from Inbox” option to prevent deleted emails from reappearing in your inbox
o Click “Done” to complete
2. What you can do after the upgrade:
a. If you normally leave your email application open, and have trouble getting to your Road Runner email, please reboot your device and reopen the webmail application to log in to your email.
b. If you have the Road Runner toolbar installed, you will need to do the following to ensure you receive the upgrade:
o Go to the toolbar and click on your Road Runner account to access webmail.
o If this does not work, please uninstall and reinstall the toolbar
Please do not hesitate to contact us should you have any questions or need further information about this update.

Thank you for being a Bright House Networks customer.

Wasn't this just done a month or two ago? Oh well.

cbs
join:2014-02-11
Melbourne, FL

cbs

Member

said by Astyanax:

Wasn't this just done a month or two ago? Oh well.

Might this be the same "upgrade" that was mentioned December 2013?

»RoadRunner E-Mail Upgrade soon (next few days)
BHNtechXpert
The One & Only
Premium Member
join:2006-02-16
Saint Petersburg, FL

BHNtechXpert to Astyanax

Premium Member

to Astyanax
This is the final region to get it... just took a bit. Take note of that notice however if you leave anything on our email server....failure to do so will result in a well....interesting side effect

kfsutops
Premium Member
join:2002-08-19
Lutz, FL

kfsutops to Astyanax

Premium Member

to Astyanax
How about adding IMAP support like every other email provider in the world?
scanman1
join:2010-11-25

scanman1 to Astyanax

Member

to Astyanax
Will this upgrade finally allow SSL/TLS encryption?

This is the only email I have that is still sent in plaintext.

Port 110 should never be used. 99% of email providers implemented this 10 years ago.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

said by scanman1:

Will this upgrade finally allow SSL/TLS encryption?

This is the only email I have that is still sent in plaintext.

I wasn't aware that SSL/TLS encrypted the entire email.
scanman1
join:2010-11-25

scanman1

Member

said by NormanS:

I wasn't aware that SSL/TLS encrypted the entire email.

Did you think it only encrypted the headers?, yes of course it's fully encrypted. It will be sent on port 995 instead of port 110.

My firewall blocks port 110. It should not be used.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

said by scanman1:

Did you think it only encrypted the headers?, yes of course it's fully encrypted. It will be sent on port 995 instead of port 110.

No, but I am pretty certain it only encrypts the user name and password, but not the entire message. Otherwise, my correspondents on services not using SSL/TLS would be unable to read my email.

AFAIK, if you want end-to-end email encryption of the entire email, you need to use something like PGP, and issue a public key so your corespondents can use it to encrypt the email from their end. And they can use a service with unencrypted port 25, because without your private key, nobody will be able to read it.
scanman1
join:2010-11-25

scanman1

Member

said by NormanS:

No, but I am pretty certain it only encrypts the user name and password, but not the entire message. Otherwise, my correspondents on services not using SSL/TLS would be unable to read my email.

This is full *TRANSPORT* encryption and the standard is baked into the pop3 server and the pop3 email client. Once the email is on the local machine, it is decrypted. All modern email programs are compatible and handle this transparently to the user.

GPG is to allow the data to be encrypted at rest. If you need that level of encryption, then you should use Thunderbird with the Enigmail plugin for GnuPG. Then on Windows, install Gpg4win.

PGP is now privately owned and closed source. Zimmerman was a sell out and PGP has been forked/ported to open source GPG.

Don't pay Symantec a penny for there bloated untrusted PGP software.
bighorn1
Premium Member
join:2004-06-19
BD, CA

bighorn1 to NormanS

Premium Member

to NormanS
said by NormanS:

No, but I am pretty certain it only encrypts the user name and password, but not the entire message. Otherwise, my correspondents on services not using SSL/TLS would be unable to read my email.

SSL/TLS is transport layer security, whole session is secured from point to point, or in this case from client to server.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS to scanman1

MVM

to scanman1
said by scanman1:

PGP is now privately owned and closed source.

Hence why I said, "something like".

As for the utility of transport layer security, what good is it? Yahoo! and Google both use it, and still can scan your email for advertising keywords. Pretty useless for secrets.
bighorn1
Premium Member
join:2004-06-19
BD, CA

bighorn1

Premium Member

said by NormanS:

As for the utility of transport layer security, what good is it? Yahoo! and Google both use it, and still can scan your email for advertising keywords. Pretty useless for secrets.

Well, in case of Yahoo and Google, only three parties can read email, these are: sender, recipient and email providers.

Without secure layer, same as the above plus just anybody else in between.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

said by bighorn1:

Without secure layer, same as the above plus just anybody else in between.

And who, exactly, besides the provider, is in between the sender and the recipient? Somebody who can't run captured data through an email client? It seems to me that any "Man-In-The-Middle" tapping an Internet router port can get hold of any email client with "baked in" SSL/TLS and read the captured data.
bighorn1
Premium Member
join:2004-06-19
BD, CA

bighorn1

Premium Member

Nope, that's not how SSL/TLS works. Master key which is created during handshake and is used to encrypt data is unique for every session.
It would be very hard to decrypt captured data.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

said by bighorn1:

Nope, that's not how SSL/TLS works. Master key which is created during handshake and is used to encrypt data is unique for every session.
It would be very hard to decrypt captured data.

So. If I use port 465 to send through my ESP to a recipient on another ESP, the only way they will be able to read my email is by downloading from their server using either port 993 (S-IMAP) or port 995 (S-POP3)?
bighorn1
Premium Member
join:2004-06-19
BD, CA

bighorn1

Premium Member

No, because (in most cases) email would not be encrypted on the server. Also, email delivery from server to server ie from your provider to recipients provider could be unencrypted as could be from the last server to recipient.

That's why it's important that all email providers use SSL/TLS, not only for client to server, but also for server to server email delivery.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

said by bighorn1:

That's why it's important that all email providers use SSL/TLS, not only for client to server, but also for server to server email delivery.

I doubt if that will happen. Nobody will want to run dual channel service; but all would have to switch over at once to avoid it.

So, in the end all that is protected is the client-to-server connection on my end.
bighorn1
Premium Member
join:2004-06-19
BD, CA

bighorn1

Premium Member

said by NormanS:

I doubt if that will happen. Nobody will want to run dual channel service; but all would have to switch over at once to avoid it.

When I look into my email server logs I can see that over 90 percent of servers connecting to it are doing it over TLS. And examination of email headers says the same for client server connections.

Also, you don't need multiple ports with explicit SSL/TLS ie STARTTLS.

As for TWC, they're about a decade behind the curve (talking about email service)...
scanman1
join:2010-11-25

scanman1 to Astyanax

Member

to Astyanax
It is that last hop from your server to your computer that is the most vulnerable, as people do check email from wifi/hotspots/non-secure connections.

If you check email 10x a day, you should have an email that is not BHN to use.

I used to use lavabit.com, but Snowden took that good player out.

Now I put my trust behind riseup.net. They have an invite system to keep the spammers/abusers off the network. Most of my friends also use riseup.net so the email is not being sent across unsecure mail relays. The spammers have pretty well taken those out by abusing them and I'd say it's over 90% that use encryption now if you look at the full mail headers.