What Web-Based Email Service Do You Use?

Technodummy asks: "I travel a lot, and need a reliable webmail address. Since Hotmail was taken over, it's gone downhill, but I haven't be able to find a reliable replacement. I also share a net account, so POP is not the answer. Any ideas?" What things do you all like about web-based email services and what aspects of them do you think can be improved on? Are there any services out there that allow you to use HTTPS to retrieve your mail rather than plain old HTTP?

Yahoo

[Lumpish+Scholar]

(as you might guess from the e-mail address listed here:-).

Probably most important: In my experience, it's always been up when I've wanted to send or receive e-mail, and it's nearly always as quick as any Web site out there.

You can install up to fifteen filters; enough to sort out, e.g., messages you get from a mailing list. Their "bulk mail" option (using the Brightmail spam filter, I think) catches a lot of spam. (It can also show all headers, e.g., for use with SpamCop.)

Good integration with Yahoo! Alerts (news searches forwarded to e-mail), Calendar, and other Yahoo! services. Vacation messages. Spell checking feature for outgoing messages. E-mail forwarding and POP3 means it plays well with your real e-mail software.

The 6MB limit for messages is lame; $20/year ups it to 25MB.

Finally: they've, ever, even once sent me any junk mail. Nice! --PSRC

Hushmail. No question.

[rjh]

First, I work in the encrypted email business. That doesn't mean I'm an authority on the subject (God knows there are a lot of people in the business who are total incompetents), but it does mean I like to keep track of different companies and offerings.

When I need Web-based email, it's Hushmail. Here's my take of Hush's strengths and weaknesses:

STRENGTHS:

• Cryptography. Hush stores email in an encrypted form on their servers, and only the user possesses the decryption key. This means that breaks, ala Hotmail, are much harder to pull off--great, even if they get 0wn3d, the crackers still have to social-engineer the decryption key out of you. Maybe. (See WEAKNESSES.) They seem to be moderately clued, cryptowise; 1024-bit El Gamal (I'd prefer 1536-2048, but 1024 isn't shoddy) for signatures and 128-bit Blowfish, passphrase-based encryption, for bulk data.
• Physical security. According to Team Hush, their servers are located in legally-friendly countries (Antigua, I think), in facilities which are locked down to all but the sysadmins. Not even the janitors are allowed inside; the sysadmins get to clean the toilets, in other words, I guess. Note that this is just what they claim and I have no way of verifying this, short of hopping on a plane and going to Antigua.
• Responsive staff. Every time I've had any need to communicate with Hushmail staff, the response has been quick--less than 48 hours--and personal. No form letters. And if you happen to talk to Genevieve, be nice to her--she's a sweetheart. :)
  
• Reliability. I've never seen the Hush servers down. The site has always been snappy and usable (barring the occasional Net-based lag and whatnot).
• No spam. The email addresses I used to set up my Hushmail account have never been spammed. Hey, considering some of the entrants in the Webmail field, this is a big plus. :)

WEAKNESSES:

• Cryptography. While it's true that messages can be delivered in an encrypted and signed form, that's only true for messages sent to other Hushmail addresses. If you send from Hushmail to the outside world, don't expect it to be encrypted in transit. Similarly, if you send from the outside world to Hushmail, it may not be stored in encrypted form on the servers. I don't know offhand whether they do or not, which means that, given my natural paranoia, my operating assumption is that they don't. Please note that this isn't a weakness in relation to other webmail services. Very little email anywhere is stored in encrypted form.
• Speed. Every time you login to Hush, you have to download a set of Java applets that do crypto functions. Java's performance has never been superb. This doesn't contradict "Reliability" above; the site is snappy for everything but the downloading and initialization of the Java applets.
• Platform dependent. If your platform doesn't have a good JVM, you can forget about using Hush. Currently, it works just fine for Windows, MacOS and Linux.
• Lack of features. To the best of my knowledge, Hush doesn't render HTML mail properly. Its support for address books, folders, etc., is fairly rudimentary.

... On the whole, I think Hushmail has considerably more strengths than weaknesses. If you need a good, solid email service and normal SMTP mail isn't possible, Hush seems to me to be the best alternative right now.

If you want to reach me there, it's rjhansen@hushmai1.com. Please note that you'll need to change the "1" to an "L" in order to mail me there. It's not much of a spamblock, but it's something. :)

Good luck!

Doesn't work fine

[antizeus]

While I may be a rabid anti-Microsoft zealot, the reason hotmail doesn't work for me is that it requires Javascript, which I don't use. Most of my browsing is done with Lynx, which can do https with the right patch, but not Javascript. Otherwise I use Mozilla and IE, in which I keep that nonsense disabled.

Beware of sites that will "collect" your pop3 mail

[weave]

I don't understand why people don't bitch about this, but it's rampant and growing every day. All those web-based mail sites that will offer to collect your e-mail from your normal POP3 account somewhere else. All you need to do is give them your e-mail address and your password.

Check out webmail.com for one example. Major sites like Hotmail and Yahoo Mail will also offer to collect your mail as well.

My user population (over 10,000) is CONSTANTLY doing this even though we provide our own secure web-based mail page if they want to use it.

Why do I have a problem with this? Think about it. You're entering your id and password into some other site's web page and they go log in on your behalf, usually in cleartext. Even if I tcp_wrapper reject these places, the damage is done. The user has already entered in their ID and password.

So what we do is, we notice a logon from hotmail, yahoo, webmail.com, etc, we immediately lock their account under the part of our AUP that forbids revealing your ID and password to a third party.

Anyone can set up a web-mail page like IMP and change it to STORE the system names, IDs, and passwords that they collect and use them later.

So, when looking for a web-based mail site, don't be tempted to let them collect your other account's e-mail as well. You're trusting them with your ID and password. Not good, IMO....

operamail.com

[radja]

-I havent had any spam on it yet
- clean, clear interface (1 banner, bottom of page, for the Opera browser. no doubleclick adserver tracking you.)
- https

Been using it for quite a while now (about 1.5 years I think) and I'm happy with it.

//rdj

Re:Hotmail

[frankie]

I have a big problem with the way that Hotmail tracks what links you click on within emails. You know how webmail services will parse the URLs in a text email and turn them into new window links? The simple and non-invasive way to do it is to just add a TARGET="new" to the link. Yahoo does this, for example.

Instead, Hotmail catalogs all of the links in the current message and stores them in a database server. When you click on a URL, Hotmail calls the server to say "user micromoog clicked on link X in email Y at time T". After a processing delay you get redirected to the actual link, unless you waited more than a couple minutes between opening the email and clicking the link, in which case your database entry has been timed out and you get a 404.

Isn't that wonderful? And the only plausible reason to do it that way is to perform intensive link tracking on personal emails.

Meanwhile, if you're looking for pure SSL email, try hushmail. I use my Yahoo account only for low priority personal stuff.

Re:I use

[Smitty825]

It works fine if all you are looking for is a simple web-based mail website. I personally use Yahoo's mail because I can access via the web or via POP3. I've heard you can now do that with hotmail, but you have to pay for it, IIRC.

Webmail services

[mikers]

I went looking for an webmail service some time ago for the same reason, and that I was moving a lot and was tired of having to constantly retire email addresses and get new ones with different ISPs.

A really good web site that sums up all free webmail services is : http://www.emailaddresses.com/

Particularly, check their free POP/IMAP-webmail providers. Also has reviews and user comments, and feature comparisons.

Through them I found www.mailandnews.com, which is my current favorite webmail. mailandnews offers 10MB email space, address book, email forwarding, POP3/IMAP, both unsecure and secure servers for webmail, and very little in the way of intrusive advertising. Its very good for reliability and is pretty fast.

Highly recommended

$0.02 cha-ching
mike

mail.com

[danpbrowning]

I like to use mail.com because it is short and easy to understand even when your cell connection is a little fuzzy.

Myrealbox

[Beowulf_Boy]

Try www.Myrealbox.com
Its Imap mail, so you can use a e-mail client,
and you can check it from the web.
The only problem is, the server is down about once a month for a couple hours, which happens to be right now.