If you got a warning from our email system that said “Your email client used an insecure login protocol”, then you are using a email client to access your email account which is not using SSL/TLS. To fix this issue all you need to do is edit your email client settings and turn on SSL/TLS. Information on how to set-up common email clients is available on your mail system home page at: http://mail.yourdomain.com (where “yourdomain.com” is your own domain name).
SSL stands for Secure Sockets Layer and, in short, it’s the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details. TLS (Transport Layer Security) is just an updated, more secure, version of SSL.
At Imageway we offer both secure and non non-secure connections to all our supported Internet protocols. The reason we have kept the non-secure connections around is to support older clients which might not support secure based connections. If your email client supports a secure connection, which most do now in days, we strongly suggest you turn it on. This is why these warnings are sent out, so the customer is aware that something can be fixed to improve their overall security.
If you have additional questions or comments please contact us at one of the means available at: https://www.imageway.com/contact-us
The concept of “push email” has been widely marketed as a desirable feature of mobile email services, to enable users to get immediate notification of and access to new messages. This article looks at various approaches to meeting user requirements, and concludes that the Internet Standard IMAP (Internet Message Access Protocol) IDLE command is the best way to achieve this service.
“Push Email” is an unfortunate choice of terminology, as it implies a specific technical solution to a more generic user requirement. The primary user requirement described by “push email” is:
‘Immediately’ in the context of store and forward messaging would typically be interpreted as “a few seconds”, rather than hours and minutes. There are some associated secondary requirements that should be addressed
1) The user should have control over message download to the mobile device. A typical choice would be to automatically download small messages, and to download larger messages under user control.
2) The user should be able to turn off notifications when desired.
3) The user should have control over which messages lead to notifications (e.g., only messages from the boss!).
The basic approach used by many email devices is to connect to the server to access new messages. This is a good model for many uses of mobile email, where access to email is under user control – the user checks email when the user wants to.
In order achieve automatic notification of new messages, a simple approach is to use ‘polling’ where the mobile client automatically connects to the server at intervals to check for new messages. However, there are two main problems with this approach:
1) Frequent polling is an inefficient use of network and mobile device resources, increasing the cost to the user.
2) New mail notification is only as frequent at the polling, and not ‘immediate’.
Polling is a poor solution for a user needing immediate notification.
IMAP (Internet Message Access Protocol) is the best open standard for accessing mobile email. It handles immediate notification as part of general operations and by the IDLE command, which is a widely implemented standard extension to the core IMAP protocol.
IMAP works by the software on the mobile device (the client) issuing commands to the server. An IMAP server provides two things in response to a client command:
1) An answer to the request.
2) Information on any new messages.
This means that where a client is actively doing things with an IMAP server, it will be told immediately about new messages. The client can then get summary information on the message to present to the user, and can (automatically) download the message when appropriate.
This means that an active client will always be kept up to date. The IDLE command deals with the situation where the client has no more requests to make. The server responds to the idle command when there is a new message (or messages) which indicates to the client that there are new messages.
When the user is inactive, and does not wish to receive notifications, the client simply stops using IDLE, which is very efficient.
The basic network use of the IDLE command is very small, and so it makes very efficient use of bandwidth. In practice things are made more complex by the problem of timeouts occuring when there is no activity keeping the connection open. The main timeouts that will occur are:
1) IMAP server timeout: Typically occurs after 30 minutes with no activity.
2) NAT Gateway timeout: Most mobile devices access the Internet through a device operated by the mobile service provider called a NAT (Network Address Translation) gateway. These will typically time out an idle connection after 15 minutes.
The solution to this is for the IMAP client to issue a NOOP (No Operation) command at intervals, typically every 15 minutes. This will exchange a few bytes of data, and keep everything active. The impact of holding an IMAP connection open on the client, server and intermediate components should be considered:
1) IMAP Server. A good IMAP server will have minimal overhead for an Idle connection, and should be able to support 10’s or 100’s of thousands of connections.
2) IP Routers and other network components. Negligible impact.
3) Phone. For older phones there could be an issue of increased battery usage due to holding the connection open. This is unlikely to be a problem on a modern phone.
Another practical problem is that current phone networking technology will lose IP network connectivity from time to time, and this will need to be automatically re-established, and the IMAP connection re-established if this is lost due to a long network failure.
In summary, the overall IMAP IDLE architecture has good performance.
An alternative to the IMAP IDLE approach is for a mechanism whereby the server pushes something to the client when a new message arrives, without there being an open connection from the client to the server. This section looks at this approach.
There are two variants of the ‘true’ push approach:
1) Push the new message.
2) Push a short generic message alert, prompting the client to connect to the server in order to retrieve the message.
Using approach 1 leads to three problems:
1) The mechanism will need to deal with security and data confidentiality, which leads to a lot of additional complexity.
2) The data being pushed becomes larger, which reduces the options for sending the data (e.g., SMS could not be used).
3) There is no client control on the choice to download.
For these reasons, the second approach is generally better, and this is the one considered here.
A clean way to send data from the server to the mobile device would be for the server to open a TCP connection. This would give a lot of flexibility in protocol choice and deployment. Unfortunately, this is impractical because most mobile devices do not have registered IP addresses to which a server can connect. They are also generally connected through a NAT gateway that will prevent connections being made to the phone. This means that use of a TCP connection is not generally a viable option.
This means that another mechanism needs to be used to do the ‘push’. There are various options to do this. SMS is a good candidate, as it is widely supported as a data listening mechanism on most mobile devices. SMS is used as an example interconnect mechanism in this paper. The use of SMS as the mechanism to carry messaging alerts leads to two integration problems:
1) Phone. SMS is a general purpose service, not specific to email. There are two integration approaches:
1a) Use a “you’ve got mail” message to the human user, who will then connect with the email application. This crude approach would only be suitable for very basic use.
1b) Standardize how SMS is used, so that phones can detect email notifications and pass them to the email client for automatic processing.
2) Messaging server. There are two deployment scenarios:
2a) Messaging server deployed by a mobile operator. In this scenario integration with SMS is straightforward.
2b) Messaging server deployed by the end organization or independent service provider. Typically such a deployment will rely on Internet access. Integration with SMS would provide both technical problems (how to make it happen) and commercial problems (who pays for the SMS message, and how to prevent abuse).
These problems are not insurmountable, but will be a barrier to widespread adoption.
The response time and data use of this push approach are contrasted to IMAP IDLE. A messaging server offering both approaches would be able to send the push notification and IDLE response at the same time. The IDLE response is immediate, and it will initiate the client to deal with the new messages. The push notification will have two delays:
1) Time for the SMS message to reach the phone. This may be a few seconds, but could take longer.
2) Time for the client to connect to the server. This will typically be a few seconds.
True push will be somewhat slower than IMAP IDLE, but in practice this is not likely to be a big problem.
Data usage for IMAP IDLE is essentially the 15 minute NOOP to keep the connection alive, plus a small amount of data to do the notification. The true push will have the cost of the SMS notification. The data for connection establishment is more significant, typically including TCP Connection; TLS (for data confidentiality); client authentication; client (re) synchronization.
It can be seen that for frequent message arrival, that IMAP IDLE is more efficient and that for longer intervals between notifications that true push has better data efficiency. The details will depend on many parameters. A rough calculation suggests that a typical break-even point would be around two days. This suggests that for a typical user receiving and getting notifications for 10 messages per day, that IMAP IDLE has significantly better data performance.
When the user does not want to receive notifications, there is a need to change server configuration (which causes extra complexity and network activity).
IMAP + IMAP IDLE is a good approach for providing the immediate email notification and delivery service of “push email”. It has substantial implementation, deployment and performance advantages over a “true push” approach. Imageway offers a solid, fast, and fully compliant IMAP email service implementation with IMAP IDLE support for push email.
Imageway WebMail end user help.
Imageway WebMail has two slightly different forms of labels with comparitive advantages as below:
Should be used for labels you use frequently and may want to change on multiple messages. This uses IMAP user flags to store the labels.
Imageway WebMail labels
Only use if you need more than 22 labels or imap user flags cannot be enabled. Avoid using these on large messages. This stores the label as an additional header in your IMAP message. This requires Imageway WebMail to modify and re-upload your email message to the server.
Labels can be added and removed from messages as much as you like. However for both types of labels once the label has been created it cannot be deleted (for implementation reasons).
You can however rename the display name or hide labels from display.
Imageway WebMail has three different ways of searching for messages
This is a ‘search as you type’ browser side ‘full text match only’ search of the displayed headers of the current page of messages. This is useful for quickly locating certain messages without waiting for the delay involved in going to the server for more advanced searches.
Note: This will not search message bodies or other pages of messages in the currently displayed folder (see hint below)
HINT: When Enter is pressed a “quick search” will be automatically switched to a “folder search” under certain conditions. In particular: if there are multiple pages of messages in a folder, if advanced search syntax characters are found (colon or minus or double quote), or control-enter is pressed.
This is a very fast server side headers search of all the messages in one or more folders. This search capability allows for the search for multiple search terms that are ‘ANDed’ together and allows for searching specific fields:
Note: This will not search message bodies, and only searches messages in folders that have already been accessed and indexed by Imageway WebMail (manually refresh by right clicking a folder and select refresh or refresh all)
note: The “Recent” option only searches folders that have been accessed in the last month. The “All” option will search all folders but does not refresh the mesage indexes from IMAP so may not find the message you are looking for. Click any folders in question to refresh the indexes.
IMAP serverside search of the full message body and headers content. This can take a long time on large folders / or large accounts – expect approx 30 seconds per 100 MB of mail that needs to be searched through.
One or more search terms can be specified which will be ANDed together.
Note: This may take a long time
|Body search syntax:|
|joe||All messages with the word ‘joe’ anywhere in the message|
|joe blogs||All messages with the word ‘joe’ AND ‘blogs’ anywhere in the message|
|“joe blogs”||All messages with the string ‘joe blogs’ anywhere in the message|
Imageway WebMail uses the surgemail user.cgi Friends and spam handling features. Manually correcting false positives and training messages as spam can be done using the following actions in Imageway WebMail or in an IMAP client:
|Primary action||actioned in INBOX or other folder||actioned in Spam folder|
In Windows XP and later, the Windows file redirector has a built-in WebDAV client which can be used to mount a Windows drive letter to our on-line Mobile Office service. When you copy files to this drive mapping, they are stored on our Mobile Office server, which can be accessed from any computer via a drive mapping or via the Mobile Office web interface. When trying to copy large files you might run into a error that says “Error 0x800700DF: The file size exceeds the limit allowed and cannot be saved”. Windows has a built in limit on the size of a file that is allowed to be copied using WebDAV. To change this limit you must edit a registry subkey which holds the value limit, and reboot your computer. To change this registry setting do the following:
1) Click Start, click Run, type regedit in the Open box, and then click “Ok”.
2) Locate “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\WebClient\Parameters” from the drop-down structure in left pane.
3) Right click on the “FileSizeLimitInBytes” subkey listed in the right pane, then click “Modify”.
4) Click the “Decimal” bubble under the “Base” section.
4) In the “Value data” box, type 4294967295, and then click “Ok”.
6) Reboot your computer.
Completing the above sets the maximum you can copy via WebDAV to 4 gig for a single file.
An email archive is a repository generally kept in a non-productive environment to provide secure preservation of email for compliance and operational purposes. A email archiving system automatically extracts message contents and attachments from incoming/outgoing emails and after indexing, it stores them in read-only format. This ensures that archived records are maintained in their original state.
The active approach adopted by email archiving solutions ensures that the company has a centralized and accessible copy of all its email. This provides additional protection against accidental or intentional deletion of emails by end-users. Email archiving also eliminates the need to search for personal archives on each and every local machine whenever litigation support is requested.
It must be noted that ‘backup’ and ‘archival’ storage serve two different purposes. Backups are intended to save current data against the event of failure or disaster whilst archives protect data so that it can be accessed when needed.
Email archiving is available on all our Email Hosting accounts. The email archiving feature is disabled by default. To turn it on do the following:
1) Login to the “Domain Management” section on the Email Message System for your domain.
2) Click the “Misc” button.
3) Make sure the “Disable Legal Archive” option is unchecked, and then click the “Save” button.
Once you do this, a copy of all incoming and outgoing email for your domain will be kept in a read only archive for 7 years. To access this archive click the “Legal Archive” button within the “Domain Management” interface.
If you require a custom email archive setup, please contact us. We can set up a email archive that will keep archives for shorter or longer periods or will only archive specific email based on “To”, “From”, or “Subject”.
Email archiving requirements are different based on country, state, and type of business. Be sure to research to find what email archiving is required for your business. One such document to aid in your research is available http://www.intradyn.com/email-retention-laws/
Imageway supports multiple technologies to allow secure encrypted sending and receiving of email. To talk to our mail system to send and retrieve email you usually have two options. Option one is using our webmail. Option two is using a 3rd party email client such as Outlook, Mac Mail, or Thunderbird. If you use our webmail, your connection to our mail system is encrypted using a secure web browser connection (HTTPS) automatically. If you use a 3rd party email client, you must tell your client to use IMAP(S), POP(S), and SMTP(S), where “S” is an SSL connection. You can find instructions on your domain’s email message center web page on setting up various email clients for a secure connection.
Now that you have your computer or mobile device talking to our system using a secure encrypted connection, you can send emails to anyone on your local domain and it will be secure. For example if “firstname.lastname@example.org” sends email to “email@example.com”, the email will reside on the same system, so it will be secure. But what happens if you want to send to another domain, such as “gmail.com”. This is where things get more complex. When you send email to someone on another domain that is not located on our email system, our system has to talk to another email system using SMTP. Our email system will try to make a secure encrypted connection to the other email system if the other system supports it. If it does not, then an unsecured connection will be used. Most of the large email providers do support using a secure SMTP connection.
To ensure outgoing email to another domain is sent securely you have two options:
1) Imageway Mail Vault – Our built in encryption system allows you to send encrypted emails by storing the outgoing email on our server, and then our email system will automatically send an email to the person receiving the email, notifying them to click a web page link to read the email. Once they click the link they are taken to a secure (HTTPS) website where they can read and reply to the email after they have been verified. You can send secure email using the Imageway Mail Vault by clicking the “pad lock” button in our webmail into the locked position. If you are not using our webmail, then we can set up a trigger word in the subject, where when the subject contains “encrypt:” (without quotes) then your outgoing email will be encrypted. This will allow you to send encrypted emails using any device connected to our system.
2) PGP (Pretty Good Privacy) – If your 3rd party email program supports it, you can use PGP. PGP requires you to create a key which you install in your email client. When you send email using PGP, the email program encrypts your email before it leaves your computer. For the receiver to un-encrypt your email and read it, they must have your public key which must be installed on their PGP supported email program. Due to these additional requirements, we do not suggest PGP if you want an easy and universally supported method of sending encrypted emails. We suggest using the Imageway Mail Vault above if you want a easier to use solution that is universally supported.
To see if incoming email was sent using a secure connection from another domain, you have two options:
1) If you are using our webmail (not the Mobile Office) and you see a “pad lock” icon next to the email sender or subject, then the email system that sent the email supported the ability to talk to our system over a secure encrypted connection and your email was sent securely. The emails themselves are sent in a plain text format over the encrypted connection, so it does not mean that the Imageway Vault or PGP was used, which offers another level of security because it encrypts the actual email content itself while sending over an encrypted connection.
2) If you are not using our webmail, then you will need to look at the full email headers for the “X-Encryption: SSL encrypted” text. You can search online to find out how to view email headers for your specific email program. If you are using Mac Mail, you can add any email header to be shown in your email view by going to the “Viewing section” of the Mail preferences, choose the “Custom setting”, and then add the “X-Encryption: SSL encrypted” text. This is a nice feature Mac Mail supports.
Using the methods above, you can have a secure end-to-end encrypted email connection which provides additional security to your business. These advanced features are included with all our email packages.
When you retrieve emails from a POP3 email account, the emails are deleted from the Mail Server by default after they are downloaded to your computer. However, if you want to check your emails from multiple computers, you must configure Mail Client to not delete the emails on your Mail Server. This scenario is most common for people who want to check their home Internet service provider (ISP) email account from work and download the emails for permanent storage on their home computer.
When you leave emails on your Mail Server, you can choose from several options to delete your emails. To make your choice, you need to consider several factors about your email usage, such as how long you want the emails to be accessible from multiple computers and the storage limits imposed by your email server administrator. If you exceed your storage limit, you might be unable to receive new emails or might be charged additional fees.
In Outlook, it allows you to select a time duration for leaving email on the Mail Server.
1. On the ‘Tools’ menu, click ‘E-mail Accounts’.
2. Click ‘View or change existing e-mail accounts’, and then click ‘Next’.
3. Select your email account, and then click ‘Change’.
4. Click ‘More Settings’.
5. Click the ‘Advanced’ tab, and under ‘Delivery’, select the ‘Leave a copy of messages on the server’ check box.
6. Under ‘Internet E-mail Settings’ dialog box, select one of the following options:
a) Remove from server after x days
Emails are downloaded to your computer but remain on the Mail Server for the number of days that you specify. This is the most common setting for people who want to read their emails at work but also download them for permanent storage on their home computer. We recommend that you choose the smallest number of days that suits your needs. The longer you leave emails on your Mail Server, the greater the risk of exceeding your mailbox size quota.
b) Remove from server when deleted from ‘Deleted Items’
Emails are downloaded to your computer but also remain on the Mail Server indefinitely until you delete the emails in Outlook and empty the ‘Deleted Items’ folder. Just deleting the email doesn’t remove the email from the Mail Server.
*** If you do not select either check box, emails are left on the server indefinitely. You can eventually exceed your mailbox quota, unless you connect to the Mail Server from another computer that has Outlook configured to remove emails from the Mail Server.
What’s the difference?
The main difference, as far as we are concerned here, is the way in which IMAP or POP controls your e-mail inbox.
When you use IMAP you are accessing your inbox on the central mail server. IMAP does not actually move messages onto your computer. You can think of an e-mail program using IMAP as a window to your messages on the server. Although the messages appear on your computer while you work with them, they remain on the central mail server.
POP does the opposite. Instead of just showing you what is in your inbox on the mail server, it checks the server for new messages, downloads all the new messages in your inbox onto your computer, and then deletes them from the server. This means that every time you use POP to view your new messages, they are no longer on the central mail server.
IMAP makes it easier to view mail from home, work, and other locations
Because IMAP leaves all of your messages on the central mail server, you can view these messages from any location with Internet access. This means the e-mail inbox you view from home will be the same one you see at work.
Since POP downloads new messages to your computer and removes them from the server, you will not be able to see those new messages on another computer when you check your inbox. Those messages exist only on the computer that downloaded them using POP. If you loose this computer, then you will also loose all your emails that were downloaded to it using POP.
However, if you use IMAP and create e-mail folders on the server, these folders are accessible from anywhere you read your e-mail using IMAP. If you use POP and create e-mail folders, they are stored locally, and you cannot access these folders from anywhere except the computer on which you created them.
POP can create problems if you alternate between it and IMAP. There is an option in many POP e-mail programs to leave copies of the messages on the server, but this option has complications. When you leave copies of the messages on the server, then access your e-mail using WebMail or another IMAP e-mail client, the POP client may create duplicate messages next time it accesses the inbox; you will see each of the messages more than once, and you will have to clean out (delete) the unwanted ones.
You may want to keep local copies
While using IMAP to save e-mail on the central mail server is recommended, there are reasons to have local copies of messages (messages downloaded to the computer, as with POP). Fortunately, IMAP allows you to keep local copies of all your messages. The option of local copies is useful when you are connecting from a dial-up connection. You may want to download your messages, then disconnect from the Internet and work with your mail offline. Please note that while you are working offline, you cannot send or receive mail. You need to be connected to the Internet to do those tasks.
If you or a user forgets their password, the administrator can do the following to change any domain users email:
1> In a web browser goto: https://mail.YOURDOMAIN.COM” (where YOURDOMAIN.COM is the domain you linked the hosting to).
2> Click the “Domain Admin” button, and use “postmaster@YOURDOMAIN.COM” as the username, and put in the password that was sent to you in your welcome email.
3> Once you are logged in move over to the “Domain Admin” heading and click the “User Accounts” option.
4> Click the “Search accounts” button.
5> Click on the account name you want to change the password for.
6> Where it says “password”, put in the new password.
7> Click the “Save User” button.
8> Make sure at the top you see “+OK” to verify it was saved.
If you don’t see “+OK“, then fix the password based on the response at the top. It might not allow a password if it is too short or easy to guess.
You can repeat the above steps for as many users as you wish.
If you have any other issues or comments, don’t hesitate to contact customer support.
Rate This Entry:
If you are trying to change your email account password do the following:
1> In a web browser goto: https://mail.YOURDOMAIN.COM” (where YOURDOMAIN.COM is the domain you linked the hosting to).
2> Click the “Webmail” button, and use “EMAIL@YOURDOMAIN.COM” as the username, and put in your current password.
3> Click the “options” and then “Preferences” at the top right.
4> Click the “”Change password” button.
5> This will allow you to change your current password.
You can repeat the above steps for as many users as you wish.
If you have any other issues or comments, don’t hesitate to contact customer support.
Rate This Entry:
All rights reserved. Copyright © 2000-2021 Imageway, LLC.