Email security

Currently, there are a large number of users who haven’t realized the importance of email security yet. In fact, most email users hold the idea that there is no secret in their emails, so they don’t pay any attention to email security. Unfortunately, some of them misunderstand the meaning of the word “secret”. Some things users believe useless might leave an opportunity for malicious people to do bad things. Users can only prevent their private information from being leaked out by enhancing the email security.
Solutions to enhancing Gmail security
As we have mentioned before, email security is extremely important in today’s era. Gmail is one of the most popular emails, so Gmail security also deserves much attention of users. Now, we will offer some solutions, including email encryption and digital signature to helping users enhance Gmail security. 1. Question: if all mailboxes of users are Gmail or Google Apps and they are using IMAP, has the SSL encryption (one kind of email encryption) already been built in these mailboxes? Solution: if users access Gmail or Google Apps via web page, they will be encrypted by default. Once users access Gmail or Google Apps through email client software, the mailboxes will also be encrypted by default as long as they are using IMAP or SMTP. However, if POP is adopted in users’ Gmail account, there will be no email encryption. 2. Question: is SSH Tunnel or SOCKS Proxy (two different forms of email encryption) available to enhance Gmail security in this situation? Solution: of course, SSH Tunnel or SOCKS Proxy will be helpful. In fact, SSL relies on Public Key Infrastructure which has a fatal flaw: it will consider all Certificate Authorities (CA) as safe by default. Therefore, users had better encrypt their mailboxes by making use of SSH Tunnel or SOCKS Proxy if they want to enhance email security. 3. Question: is digital signature necessary after users know the existence of SSL, SSH Tunnel and SOCKS Proxy? Solution: of course, it is necessary since SSL, SSH Tunnel, SOCKS Proxy and digital signature are used to solve problems in different level. SSL, SSH Tunnel and SOCKS Proxy are only used to help users connect Gmail server safely so as to send and receive emails; they are not able to ensure the communication safety between recipients and senders. For example, if users’ email has not been encrypted or there is no digital signature when they send it to a 163 mailbox user through Gmail, eavesdropping and forgery are likely to occur. 4. Question: if users’ Wi-Fi is WPA or WPA2, is it necessary to use a VPN from the perspective of encryption? Solution: certainly, the answer is positive. WPA or WPA2 is only able to guarantee the secure connection between computer and router. To guarantee the secure connection between router and ISP and ISP and network, users may as well adopt a VPN.
We believe users can optimize the email security after paying much attention to above aspects.