What Web-Based Email Service Do You Use?

Technodummy asks: "I travel a lot, and need a reliable webmail address. Since Hotmail was taken over, it's gone downhill, but I haven't be able to find a reliable replacement. I also share a net account, so POP is not the answer. Any ideas?" What things do you all like about web-based email services and what aspects of them do you think can be improved on? Are there any services out there that allow you to use HTTPS to retrieve your mail rather than plain old HTTP?

Yahoo

[Lumpish+Scholar]

(as you might guess from the e-mail address listed here:-).

Probably most important: In my experience, it's always been up when I've wanted to send or receive e-mail, and it's nearly always as quick as any Web site out there.

You can install up to fifteen filters; enough to sort out, e.g., messages you get from a mailing list. Their "bulk mail" option (using the Brightmail spam filter, I think) catches a lot of spam. (It can also show all headers, e.g., for use with SpamCop.)

Good integration with Yahoo! Alerts (news searches forwarded to e-mail), Calendar, and other Yahoo! services. Vacation messages. Spell checking feature for outgoing messages. E-mail forwarding and POP3 means it plays well with your real e-mail software.

The 6MB limit for messages is lame; $20/year ups it to 25MB.

Finally: they've, ever, even once sent me any junk mail. Nice! --PSRC

Unfairly moderated; please give this a second look

[divbyzero]

I would much sooner moderate this as "informative" than "off-topic", as it is a useful answer to the posted question.

To elaborate on what Mr. Norway said, you can use MindTerm to give you a Unix terminal session from within a web browser. Then, using that session, you can use any mail client you choose that runs in a Unix terminal. These include Mutt, Pine, Elm, Mh, the Emacs mail modes, and the original Unix Mail.

HTML is not the only Web technology; Java applets have become fairly popular in recent years, and MindTerm is the single most useful one I've ever seen.

But my grandest creation, as history will tell,

Webinbox

[Baloo+Ursidae]

Webinbox rules all. Seriously. If you have an email address on any ISP that accepts POP connections, and you can enter your email address on that account, and your password, and it displays the messages in a nice, easy to use interface.

I use that when for some bizarre reason I need email right now and can't telnet to my box...

--

and the answer is...

[Zurk]

hushmail.com SSL, secure, fully encrypted.

Hushmail. No question.

[rjh]

First, I work in the encrypted email business. That doesn't mean I'm an authority on the subject (God knows there are a lot of people in the business who are total incompetents), but it does mean I like to keep track of different companies and offerings.

When I need Web-based email, it's Hushmail. Here's my take of Hush's strengths and weaknesses:

STRENGTHS:

• Cryptography. Hush stores email in an encrypted form on their servers, and only the user possesses the decryption key. This means that breaks, ala Hotmail, are much harder to pull off--great, even if they get 0wn3d, the crackers still have to social-engineer the decryption key out of you. Maybe. (See WEAKNESSES.) They seem to be moderately clued, cryptowise; 1024-bit El Gamal (I'd prefer 1536-2048, but 1024 isn't shoddy) for signatures and 128-bit Blowfish, passphrase-based encryption, for bulk data.
• Physical security. According to Team Hush, their servers are located in legally-friendly countries (Antigua, I think), in facilities which are locked down to all but the sysadmins. Not even the janitors are allowed inside; the sysadmins get to clean the toilets, in other words, I guess. Note that this is just what they claim and I have no way of verifying this, short of hopping on a plane and going to Antigua.
• Responsive staff. Every time I've had any need to communicate with Hushmail staff, the response has been quick--less than 48 hours--and personal. No form letters. And if you happen to talk to Genevieve, be nice to her--she's a sweetheart. :)
  
• Reliability. I've never seen the Hush servers down. The site has always been snappy and usable (barring the occasional Net-based lag and whatnot).
• No spam. The email addresses I used to set up my Hushmail account have never been spammed. Hey, considering some of the entrants in the Webmail field, this is a big plus. :)

WEAKNESSES:

• Cryptography. While it's true that messages can be delivered in an encrypted and signed form, that's only true for messages sent to other Hushmail addresses. If you send from Hushmail to the outside world, don't expect it to be encrypted in transit. Similarly, if you send from the outside world to Hushmail, it may not be stored in encrypted form on the servers. I don't know offhand whether they do or not, which means that, given my natural paranoia, my operating assumption is that they don't. Please note that this isn't a weakness in relation to other webmail services. Very little email anywhere is stored in encrypted form.
• Speed. Every time you login to Hush, you have to download a set of Java applets that do crypto functions. Java's performance has never been superb. This doesn't contradict "Reliability" above; the site is snappy for everything but the downloading and initialization of the Java applets.
• Platform dependent. If your platform doesn't have a good JVM, you can forget about using Hush. Currently, it works just fine for Windows, MacOS and Linux.
• Lack of features. To the best of my knowledge, Hush doesn't render HTML mail properly. Its support for address books, folders, etc., is fairly rudimentary.

... On the whole, I think Hushmail has considerably more strengths than weaknesses. If you need a good, solid email service and normal SMTP mail isn't possible, Hush seems to me to be the best alternative right now.

If you want to reach me there, it's rjhansen@hushmai1.com. Please note that you'll need to change the "1" to an "L" in order to mail me there. It's not much of a spamblock, but it's something. :)

Good luck!

Doesn't work fine

[antizeus]

While I may be a rabid anti-Microsoft zealot, the reason hotmail doesn't work for me is that it requires Javascript, which I don't use. Most of my browsing is done with Lynx, which can do https with the right patch, but not Javascript. Otherwise I use Mozilla and IE, in which I keep that nonsense disabled.

Beware of sites that will "collect" your pop3 mail

[weave]

I don't understand why people don't bitch about this, but it's rampant and growing every day. All those web-based mail sites that will offer to collect your e-mail from your normal POP3 account somewhere else. All you need to do is give them your e-mail address and your password.

Check out webmail.com for one example. Major sites like Hotmail and Yahoo Mail will also offer to collect your mail as well.

My user population (over 10,000) is CONSTANTLY doing this even though we provide our own secure web-based mail page if they want to use it.

Why do I have a problem with this? Think about it. You're entering your id and password into some other site's web page and they go log in on your behalf, usually in cleartext. Even if I tcp_wrapper reject these places, the damage is done. The user has already entered in their ID and password.

So what we do is, we notice a logon from hotmail, yahoo, webmail.com, etc, we immediately lock their account under the part of our AUP that forbids revealing your ID and password to a third party.

Anyone can set up a web-mail page like IMP and change it to STORE the system names, IDs, and passwords that they collect and use them later.

So, when looking for a web-based mail site, don't be tempted to let them collect your other account's e-mail as well. You're trusting them with your ID and password. Not good, IMO....

operamail.com

[radja]

-I havent had any spam on it yet
- clean, clear interface (1 banner, bottom of page, for the Opera browser. no doubleclick adserver tracking you.)
- https

Been using it for quite a while now (about 1.5 years I think) and I'm happy with it.

//rdj

Re:Unfairly moderated; please give this a second l

[Just+Your+Average+Li]

How does mindterm fit the answer of a "web-based email service"? To run mindterm to get mail, this would involve finding a free email service that provides shell accounts, as well as web space to put the java applet. The java security in your browser (in theory at least) should not allow you to make arbitrary net connections, except to the server the java applet was downloaded from.

Hushmail, hushmail, hushmail.

[aidoneus]

The subject says it all. I've never recieved any spam in the year and a half I've had my account, and it uses https and java to set up a secure tunnel from end to end (none of the Yahoo pseudo-secure stuff). It's a little slower, since it is somewhat java based, but it think it would fit your needs perfectly.

You can find it at Hushmail.com .

Re:Hotmail

[frankie]

I have a big problem with the way that Hotmail tracks what links you click on within emails. You know how webmail services will parse the URLs in a text email and turn them into new window links? The simple and non-invasive way to do it is to just add a TARGET="new" to the link. Yahoo does this, for example.

Instead, Hotmail catalogs all of the links in the current message and stores them in a database server. When you click on a URL, Hotmail calls the server to say "user micromoog clicked on link X in email Y at time T". After a processing delay you get redirected to the actual link, unless you waited more than a couple minutes between opening the email and clicking the link, in which case your database entry has been timed out and you get a 404.

Isn't that wonderful? And the only plausible reason to do it that way is to perform intensive link tracking on personal emails.

Meanwhile, if you're looking for pure SSL email, try hushmail. I use my Yahoo account only for low priority personal stuff.

HORDE/IMP

[pauldy]

I have my own server setup and a friend points dns at me. I like to use imp/horde from www.horde.org. It is nice lightwieght supports address books uses php and works great in ssl mode. As for a provider I'm not much help there but this is how I accomplish what your looking for for myself.

Re:I use

[Smitty825]

It works fine if all you are looking for is a simple web-based mail website. I personally use Yahoo's mail because I can access via the web or via POP3. I've heard you can now do that with hotmail, but you have to pay for it, IIRC.

Visto.com

[ebbe11]

I use www.visto.com when I am away from home and need email access. It allows logon using HTTPS and its adverts are not too obtrusive.

Ebbe

Re:Beware of sites that will "collect" your pop3 m

[horatio]

This is mailstart's primary purpose ... to let you check pop accounts. I don't use those third party things to get any of my pop accounts for this exact reason. I get fetchmail to check the pop servers that I can't encrypt to ... meaning that the only people who are supposed to rec'v that password (the pop server itself) are the ones who do.

Might sound a little lame, but I actually keep a copy of PuTTY in a www directory that I can get to from anywhere ... its about 200K, and supports ssh1 (the latest v also supports ssh2), so I can grab it really quick wherever I am (even on a slow dialup), shell in, use pine or whatever and never deal with sending a password in the clear. The only trouble with this method is if you hit a library/shop/lab that only has Macs ... ssh clients for the mac are rare things, or were as of about a year ago...

http://www.chiark.greenend.org.uk/~sgtatham/putty/

I realize its not the "web-based" sol'n you were looking for, but there are places that will give you a shell account, and I wouldn't be terribly surprised if several of them have fetchmail up and running. Toss a copy of putty into a yahoo! or geocities web directory that you can remember the location of, and your shell account is always accessible! :)

(that is, of course, unless the ISP you happen to be using firewalls outgoing stuff on 22 ...)

Webmail services

[mikers]

I went looking for an webmail service some time ago for the same reason, and that I was moving a lot and was tired of having to constantly retire email addresses and get new ones with different ISPs.

A really good web site that sums up all free webmail services is : http://www.emailaddresses.com/

Particularly, check their free POP/IMAP-webmail providers. Also has reviews and user comments, and feature comparisons.

Through them I found www.mailandnews.com, which is my current favorite webmail. mailandnews offers 10MB email space, address book, email forwarding, POP3/IMAP, both unsecure and secure servers for webmail, and very little in the way of intrusive advertising. Its very good for reliability and is pretty fast.

Highly recommended

$0.02 cha-ching
mike

HTTPS

[Gothmolly]

www.hushmail.com Great if you're worried about people snooping. Of course, once mail leaves there, its clear-text all the way over the Net.

mail.com

[danpbrowning]

I like to use mail.com because it is short and easy to understand even when your cell connection is a little fuzzy.

Imail server

[ledbetter]

Check out the Imail Server from IPSwitch. It's a great mail server that supports both web and pop/imap access (as well as ldap). The server only runs on windows NT, but it is a very solid product. The web client works on all browsers very well, and supports various options for session handling (cookies, or querystring), as well as SSL. There is also full web based administration. It's not free, but the cost is very reasonable. You also don't need a super-powerful server to be able to run it. The company is quick to patch any discovered issues with the product. My company has used it for some time now. It requires next to no maintenance either.

Re:Unfairly moderated; please give this a second l

[tornado_norway]

It depends on what you mean by "web-based email service". With an SSH enabled server, and the MindTerm applet, you will be able to do your e-mail in a web-browser from anywhere in the world.

--
"Trying is the first step towards failure."

Re:Hotmail

[Technodummy]

before MS aquired Hotmail, I never had a problem with the server being down, mail not sending or login errors.

Since Hotmail was taken over, the service has failed time and again in various annoying ways. The only reason I'm still using them, is that every time I find what looks to be a great email provider, they disappear off the face of the earth, never to be seen again. (the last one was imaginemail.com which was really good)

Hotmail also loads slower now, as everything gets more coporate looking and more "services" are added. You can't opt in for a fast-loading selective service display, which would be great.

I don't think MS is the reason for the breakdown in quality, I think any other large company would have screwed it up just the same. When money becomes the first priority, service always becomes second.

Hotmail

[micromoog]

Since Hotmail was taken over, it's gone downhill

I'm not sure what your problem with Hotmail is (other than, I suppose, that it's run by the Bane of Slashdot). It's very reliable, and uses https for the login at least.

You have to deal with a single banner on each page, but hey, look at Slashdot.

Re:Hotmail

[suwain_2]

I always assumed their servers were run by Windoze, then I read an article somewhere mentioning that they ran some form of BSD, and were going to change over to Windows.

After the switchover, my account worked fine. For a while. Then I started running into server outages. And for some reason, the old Tru64 Alpha I use at school doesn't work. (I don't know why; I think it's either the fact that Netscape uses HTTP/1.0, or that they require you to use Windows. I think the former is more likely). So while Hotmail hasn't necessarily been going downhill steadily as the article suggests, the takeover didn't really help things.

Re:Myrealbox

[airlie]

MyRealBox is run by Novell as a way to show off their own mail server NIMS(which is a very nice product.) It's probably down occasionally to give them a chance to keep the server up to the latest version.

I think it's run by the same group that write the NIMS code.

It supports pop, imap and has a web based interface.

Personally I've been using usa.net for years. $12 a year forwards it to my work account. I haven't had to tell my friends about a change in my email address since despite several moves.

epriority.com

[ffsnjb]

I use epriority.com for all of my mail that needs to be secure and I need to be able to check it on the web. They use SSL. They don't allow pop3 or imap connections that I'm aware of. I also have hotmail and yahoo accounts for all the crap I could care less about, and use them for spam collection.

My school uses Horde for its webmail access, it's decent.

Myrealbox

[Beowulf_Boy]

Try www.Myrealbox.com
Its Imap mail, so you can use a e-mail client,
and you can check it from the web.
The only problem is, the server is down about once a month for a couple hours, which happens to be right now.

Encrypted E-Mail

[Blacklaw]

Personally, I use about five different webmail providers for different things.

For encrypted e-mail I use http://www.ziplip.com.

Although the site is fairly slow to load, it has a 128-bit SSL connection from the word "go", never going into plaintext. You can send normal e-mails with it, or (unlike HushMail), you can send "Secure E-Mail".

The secure function takes the form of of sending the recipient a message saying "You have been sent a message by Anonymous12131243243@1243.4232.com (or some such). The recipient then clicks on the link, and is presented with a SSL-secured connection to ZipLip. They then enter the password you supplied them with (over the phone or whatever), or they can guess the password using the optional Hint. Then they can read the message. After they have read it, it's wiped from the server.

You can also tell the server to wipe messages 12-hours, 24-hours, 48-hours, one week etc. after sending - just in case the person never checks the e-mail.

Not a perfect solution to secure e-mail, but (IMHO) better than HushMail.

-Blacklaw

"Everyone is entitled to their opinions. Even stupid people"