|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
5 Feb 2012, 10:21 PM | #1 |
Junior Member
Join Date: Jan 2012
Location: St. Louis, United States
Posts: 23
|
What are some important security settings to keep in mind?
I'm setting up accounts for a couple of family members, and it would be good to know some security tips, so that I can set them off on the right foot. We're sharing a family plan. I've already set up various personalities for both of them.
|
5 Feb 2012, 10:45 PM | #2 |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,944
|
Use your favourite search engine to look for email security tips
|
6 Feb 2012, 01:33 AM | #3 |
Junior Member
Join Date: Nov 2011
Posts: 13
|
Couple of Helpful Tips for Across
Across, one thing you might want to do, in the event you choose to use IMAP, and NOT POP, is to go into "Options" and select "disable pop logins." This is a good thing to do (I have done so with my own account, and learned about this in these forums). I would hope no one would EVER hack into your account, but...should this ever happen to you, by disabling pop logins, you won't be penalized by someone who may have hacked your login info and, thereby, you suffer consequences, their retrievals by another app, quotas, etc. If you are an IMAP user, simply disable "pop logins."
You might also select your choice carefully regarding "showing images". If you check "do not show", you can always click on "load images" each time when reading your mail, once you know the email is safe. This protects you from webbugs, etc. that allow a spammer to know your address is active! (My own setting choice for this, is to load images for known emails (such as those in my address book). And, although I like the long-term login with the cookie, (FM simply clears the cookie if I click on "Log Out", you might want to set yours to the standard 2 hr log out. I've only had FM 6 months, an enhanced account, but these are a couple of safe things I have done. Welcome to FM! |
6 Feb 2012, 01:50 AM | #4 | |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,944
|
Quote:
Why do you think POP is less secure than IMAP? They both use the same credentials (account name & password), so if somebody guesses/steals the pw (s)he can use either protocol to get in, or login via the website. By all means disable POP and/or IMAP if you are not going to use them, but do not think this will make your account less vulnerable if you are careless with the password. |
|
6 Feb 2012, 08:43 AM | #5 |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,926
|
Using secure passwords
I would recommend:
|
6 Feb 2012, 09:45 AM | #6 |
Cornerstone of the Community
Join Date: Jun 2004
Posts: 743
|
If you use an e-mail client to access your account, make sure you enable SSL or TLS so that a secure connection is established to FastMail's servers.
|
6 Feb 2012, 01:12 PM | #7 |
Junior Member
Join Date: Nov 2011
Posts: 13
|
(For janusz,mostly, and a Kudo to nfbb), Explanation
janusz, In no way did I mean to imply that POP is not a secure/safe way to retrieve mail. I can see where it sounded that way.
I have read that some accounts, have limited quotas they are allowed for pop logins. Just meant to suggest, if one's not accessing his email this way, it would simply prevent someone from having his account shut down from too many pop logins? By the same token, if one's not using IMAP access, or any email client, for that matter, then why not disable? (I guess, this is not exactly "security", but, sort of "careful",LOL?) I have used POP throughout most of my "email" life, though I've grown to really like IMAP. You are right, of course, and I surely did not mean to imply POP is not safe, only that it might prevent one from being shut down for too many logins of this type, if someone else chose to do so. Not a problem for an enhanced account, I don't think? I just started out with FM with an enhanced account so I wouldn't need to worry about much. Also, yes, do check the ssl box! If one's using Avast Antivirus and Opera (as I do), Avast will want to take care of the ssl feature...but, I do prefer allowing Opera to handle it. So, I just uncheck the box in Avast. (janusz and n5bb.....I always, always, enjoy and learn from your posts. I defer to both of you! Thanks for so much help in these forums! Have read them for a long time, before I ever joined them. (Susie) Last edited by SusieStar : 6 Feb 2012 at 01:15 PM. Reason: mistyped n5bb's name, (typing in dark on the "little" computer)! |
7 Feb 2012, 01:35 PM | #8 |
Junior Member
Join Date: Jan 2012
Location: St. Louis, United States
Posts: 23
|
Thanks guys, this is great stuff. Concerning checking the SSL box, I'm assuming you're referring to doing that on the client side, should they choose to use an email client. However, under "External Security" in the "Personalities" section, you have "None," "STARTTLS Encrypted" and "SSL Encrypted." Any recommendations concerning which box I should tick for that? And does ticking the "Sent Items on SMTP" box basically just tell it to save outgoing messages on FastMail instead of just showing up on an email client? And what about "BCC on SMTP"? I understand what sending a BCC email is, but what is a BCC address? I thought BCC was a "from" thing, not a "to" thing.
Last edited by Across : 7 Feb 2012 at 01:40 PM. |
7 Feb 2012, 03:08 PM | #9 | |||
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,926
|
This is veering off-topic, but here goes:
Quote:
Quote:
Quote:
|
|||
8 Feb 2012, 10:22 PM | #10 | |
Junior Member
Join Date: Jan 2012
Location: St. Louis, United States
Posts: 23
|
This is great stuff and is highly appreciated. Anyone care to help me answer this one?
Quote:
|
|
9 Feb 2012, 04:49 AM | #11 | |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,926
|
Quote:
The last 6 setup fields on the Options>Personalities screen are for what is shown as an advanced feature (Send via external SMTP server).Bill |
|
9 Feb 2012, 10:35 AM | #12 | |
Junior Member
Join Date: Jan 2012
Location: St. Louis, United States
Posts: 23
|
Quote:
"Send via external SMTP server" (not checked) "External server" (blank) "External port" (587) "External Security" (STARTTLS Encrypted) "External username" (blank) "External password" (blank) So, due to red being unchecked, the choices for blue are irrelevant? Is that correct? |
|
9 Feb 2012, 10:42 AM | #13 | |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,926
|
Quote:
Bill |
|
9 Feb 2012, 09:48 PM | #14 | |
Essential Contributor
Join Date: Apr 2007
Location: Canada
Posts: 227
|
Quote:
|
|
10 Feb 2012, 03:49 PM | #15 |
Master of the @
Join Date: Apr 2002
Location: West Sussex, UK
Posts: 1,334
|
In addition to the Fastmail settings to mitigate risks I suggest installing tracking software on the machines in the event they are stolen. I use Prey Project, but there are other similar solutions.
In extreme you can lock down the machine remotely. Ed |