Setting Up Email Securely on cPanel servers: example WiredTree
July 8th, 2010
You do want to be using SSL. Unencrypted connections are far too easily eavesdropped. On the other hand, it’s worth remembering that SSL only gets your login and email encrypted between your computer and your smtp server. Once your email hits the big pipes, it’s unencrypted again, vulnerable to whomever can get access to the transit points. A rogue operative in any ISP or fiber optic supplier could still siphon off huge amounts of data. Even if such a person existed, s/he would be unlikely to be able to regularly get all of your email though. However, random emails, especially if they traverse exotic territories with loose security could be grabbed.
Email is not private. Don’t forget that ever. Email is not private.
Thunderbird, Apple Mail, Outlook Express (and the hideous blue Windows Live Writer replacement) all offer SSL. But be sure not to check “Secure Authentication” if your particular host does not support it. Secure Authentication just has to do with security certificates and does not actually increase your security once you have an appropriately made self-signed certificate. Just be careful about authorising changes to your security certificate.
SSL IMAP will go across port 993. SSL POP will go across port 995. Checking your port assignment is one way to be sure your email connection is encrypted. SMTP SSL will work across port 25 (and probably some others, but I've tested port 25).
SSL will get you most of the way there to reasonable privacy.
While you are at it, make sure that when you access webmail (with cPanel at http://yourdomain.com/webmail, the connection forwards to an https address.
Don’t forget that when you are visiting other login protected websites, unless the connection is https, you are handing over your login and password to the owner of the hotspot (if he cares to log it or take it). If you plan to spend a lot of time on hotspots as a traveller, you need more than SSL email. You need a VPN. Don’t go cheap or unbranded on your VPN supplier (setting up your own VPN is a big enough hassle that most small businesses should be outsourcing their VPN connections), as that organisation will have steady access to all of your communication and can keep really detailed logs. Unlike a single rogue hotspot, you will be using the VPN consistently over time and with a the same login.
These steps should not be considered security overkill, but just the basics.
By Alec
You might also like
-
Setting up SendLoop DKIM and SPF on a Cpanel/WHM server
- How to move clients email accounts (or your own) from one server to another with no lost mail
- Lost WordPress Admin Password and Email? How to get back into your weblog…
-
No “Bandwidth limit exceeded”: How to manage bandwidth limits in cPanel hosting courteously
- Foiling Email Harvesters and Coping with Spam
3 comments on “Setting Up Email Securely on cPanel servers: example WiredTree”
01
so how do we set up email securely on wiredtree for example?? can you elaborate or possibly make a post on this as security & email set up on wiredtree seems to be a bit tedious for us newbies
02
more so step by step the general instructions you gave are hard to follow very general
03
Hi Kennn,
Exact instructions will depend on your email client.
General instructions for secure email at WiredTree in point form:
* enable SSL in your email client
* mail server is mail.yourdomain.com
* username is you@yourdomain.com
* password should be 12 characters and include numbers and letters
* in a pinch webmail is at http://yourdomain.com/webmail
* IMAP should be on port 995, POP should be on port 993
Good luck.
PS. Hint: Use your email client’s help files to figure out where to enter that info.
Leave a Reply