home

Information Technology

Securing your UVM mail connection

Questions about securing your UVM email connection

I got an email titled "You connected to your UVM email account in an insecure manner". What's this about?

As indicated in the message, one or more mail programs you use to access your UVM email is configured insecurely. Mail programs configured in this manner communicate password information "in the clear," without encryption. Unencrypted password transmissions have the potential to be intercepted by other people and used inappropriately.

I've been checking my mail this way for a long time now and it works fine. Why do I need to make this change?

UVM seeks to reduce the risk of compromised accounts and data theft that could occur with unencrypted password communications. This change not only protects your personal information, but UVM institutional data as well.

On June 14, 2010, the ability to access UVM email with unencrypted NetID passwords will be disabled.

What do these Internet addresses in the email mean? Why am I seeing them?

The Internet addresses provided in the email show where connections to your UVM email account originate. They are given to help you see the locations of where you access your email, and to give an idea of which computer may need to have its mail program settings adjusted.

If you access UVM email from more than one computer, each computer will need to be adjusted to the improved security settings.

Examples of addresses you may see:

  • ipNNNNNN.uvm.edu - UVM address - on-campus, or off-campus via VPN
  • 132.198.NNN.NNN - UVM address - same as above
  • xxxx ... myvzw.com - Verizon wireless
  • gmavt.net, .greenmountainaccess.net - Green Mountain Access
  • .fahc.org - Fletcher Allen Health Care
  • .burlingtontelecom.net - Burlington Telecom
  • .myfairpoint.net - Fairpoint
  • .comcast.net - Comcast
  • .google.com - Google (are you fetching your UVM mail to a Gmail account?)
  • .1e100.net - Google (same as above)
  • .mycingular.net - Cingular wireless

How do I change my mail client to use a secure connection?

In general, mail programs will need to be configured to use a secure connection, usually referred to as SSL (Secure Socket Layer) or TLS (Transport Layer Security). This setting is made for the IMAP or POP3 account. For specific details, see more information for each mail program below.

You may also see a setting called secure authentication, which is different. It is recommended to leave this setting off, as enabling it may prevent you from accessing your UVM email. Using SSL or TLS is sufficient protection for your password.

Specific clients:

Thunderbird

Instructions for Mozilla Thunderbird.

Apple Mail

Documentation on Apple Mail, or Mail.app.

Windows Mail

See documentation on Outlook Express.

Gmail (fetching mail from UVM)

See documentation on how to set Gmail fetching to use SSL.

Blackberry (RIM)

Documentation on configuring your Blackberry with BIS to fetch your UVM email.

Last modified November 18 2011 04:26 PM

Contact UVM © 2014 The University of Vermont - Burlington, VT 05405 - (802) 656-3131