LESSON 9 E-MAIL SECURITY part III

9.1.3 Web Mail
A second option for e-mail is to use a web based e-mail account. This will allow you to use a
web browser to check your e-mail. Since the e-mail for these accounts is normally stored on
the web e-mail server – not on your local computer – it is very convenient to use these
services from multiple computers. It is possible that your ISP will allow you to access your e-mail
through both POP and the web.
However, you must remember that web pages are cached or stored on local computers,
sometimes for significant lengths of time. If you check your e-mail through a web based
system on someone else's computer, there is a good chance that your e-mails will be
accessible to someone else who uses that computer.
Web based e-mail accounts are often free and easy to get. This means that they offer an
opportunity for you to have several identities online. You can, for instance, have one e-mail
address that you use only for friends and another that is only for relatives. This is usually
considered acceptable, as long as you are not intentionally intending to defraud anyone.

 

9.1.3 网页邮件

第二种电子邮件形式是使用基于网页的电子邮件账户。你可以通过网页浏览器查看电子邮件。因为邮件一般都是存储在网页邮件服务器上---不是本地电脑上---所以这些服务方便不同电脑使用。你的ISP可能会让你通过POP和网页两种方式来收发邮件。

但是，要注意网页时存储到本地电脑上的，有的时候会存储相当长的时间。如果你在别人的电脑上通过网页浏览器收发邮件，你的邮件就很有可能被其他使用该电脑的人发现。

基于网页的电子邮件账户通常是免费的，而且创建起来很方便。就是说你可以创建几个不同的账户。你可以用一个账号专门和朋友通信，另一个账号用来给亲戚通信。只要你不是有意欺骗别人，那么这样做完全是可以的。

 

Exercises:
1. You can learn a lot about how POP e-mail is retrieved by using the telnet program. When
you use telnet instead of an e-mail client, you have to enter all the commands by hand
(commands that the e-mail client program usually issues automatically). Using a web
search engine, find the instructions and commands necessary to access an e-mail

account using the telnet program. What are the drawbacks to using this method to
retrieve e-mail? What are some of the potential advantages?
2. Find three organizations that offer web based e-mail services. What, if any, promises do
they make about the security of e-mail sent or received using their services? Do they make
any attempts to authenticate their users?
3. (possibly homework) Determine the SMTP server for the email address you use most
frequently.

 

练习：

1、你可以用telnet程序学习POP是怎么取回的电子邮件的。当你使用telnet，不用电子邮件客户端，你就需要自己手动键入命令（而电子邮件客户端是自动调用这些命令的）。用一个搜索引擎查找用远程程序登陆电子邮件账户所需要的指令。使用这种方法取回邮件的缺点是什么？但又有哪些潜在好处呢？

2、找出3个提供基于网络电子邮件服务的组织。他们都对电子邮件发送和接收的安全都做出了哪些承诺？他们有没有验证用户的身份？

3、（家庭作业）找出你经常使用的电子邮件地址所使用的SMTP服务器。

 

9.2 Safe E-mail Usage Part 1: Receiving
Everyone uses e-mail, and to the surprise of many people, your e-mail can be used against
you. E-mail should be treated as a post card, in that anyone who looks can read the
contents. You should never put anything in an ordinary e-mail that you don’t want to be
read. That being said there are strategies for securing your e-mail. In this section we will cover
safe and sane e-mail usage and how to protect your privacy online.

9.2.1 Spam, Phishing and Fraud
Everybody likes to get e-mail. A long time ago, in a galaxy far far away it used to be you only
got mail from people you knew, and it was about things you cared about. Now you get email
from people you never heard of asking you to buy software, drugs, and real estate, not
to mention help them get 24 million dollars out of Nigeria. This type of unsolicited advertising is
called spam. It comes as a surprise to many people that e-mail they receive can provide a
lot of information to a sender, such as when the mail was opened and how many times it was
read, if it was forwarded, etc. This type of technology – called web bugs – is used by both
spammers and legitimate senders. Also, replying to an e-mail or clicking on the unsubscribe
link may tell the sender that they have reached a live address. Another invasion of privacy
concern is the increasingly common “phishing” attack. Have you ever gotten an e-mail
asking you to login and verify your bank or E-bay account information? Beware, because it is
a trick to steal your account information. To secure yourself against these types of attacks,
there are some simple strategies to protect yourself outlined below.

 

9.2 安全邮件使用 第一部分：接收邮件

几乎所有的人都使用电子邮件，但很多人不知道的是，当电子邮件使用不当时会对你产生不利的邮箱。电子邮件就和明信片一样，每个人收到明信片的人都能看懂其中的内容。不要将你不想被别人知道的内容写到一封普通邮件中。不过还是有些保证电子邮件安全的方法。这部分我们将介绍怎么安全使用电子邮件，如何保护自己的隐私。

9.2.1 垃圾邮件和诈骗邮件

任何人都想收到一封邮件，很久以前，你只能收到你认识的人的来信，说的内容也是你所关系的。现在你收到一些陌生人发过来的邮件，让你购买软件，药品和房子，更不用说那些更不靠谱的邮件了。这些广告形式的邮件就是垃圾邮件，很多人不知道的是他们收到的邮件会给发送者提供很多的信息，譬如该邮件什么时候打开的，被读过多少次，是不是被转发过等等。这种技术---叫做网页漏洞---被发送垃圾邮件的人和合法的发送者使用。也有可能，回信或者点击退出都会告诉发送者一个地址。另一种对隐私的侵犯是最常用的钓鱼攻击。有没有收到一封邮件让你登陆并更改银行或者Ebay账户信息？注意，这是一种窃取你账号信息的骗局。为了避免这些攻击，下面列出了一些保护自己的简单方法。