Questions about securing your UVM email connection
I got an email titled "You connected to your UVM email account in an insecure manner". What's this about?
As indicated in the message, one or more mail programs you use to access your UVM email is configured insecurely. Mail programs configured in this manner communicate password information "in the clear," without encryption. Unencrypted password transmissions have the potential to be intercepted by other people and used inappropriately.
I've been checking my mail this way for a long time now and it works fine. Why do I need to make this change?
UVM seeks to reduce the risk of compromised accounts and data theft that could occur with unencrypted password communications. This change not only protects your personal information, but UVM institutional data as well.
On June 14, 2010, the ability to access UVM email with unencrypted NetID passwords will be disabled.
What do these Internet addresses in the email mean? Why am I seeing them?
The Internet addresses provided in the email show where connections to your UVM email account originate. They are given to help you see the locations of where you access your email, and to give an idea of which computer may need to have its mail program settings adjusted.
If you access UVM email from more than one computer, each computer will need to be adjusted to the improved security settings.
Examples of addresses you may see:
- ipNNNNNN.uvm.edu - UVM address - on-campus, or off-campus via VPN
- 132.198.NNN.NNN - UVM address - same as above
- xxxx ... myvzw.com - Verizon wireless
- gmavt.net, .greenmountainaccess.net - Green Mountain Access
- .fahc.org - Fletcher Allen Health Care
- .burlingtontelecom.net - Burlington Telecom
- .myfairpoint.net - Fairpoint
- .comcast.net - Comcast
- .google.com - Google (are you fetching your UVM mail to a Gmail account?)
- .1e100.net - Google (same as above)
- .mycingular.net - Cingular wireless
How do I change my mail client to use a secure connection?
In general, mail programs will need to be configured to use a secure connection, usually referred to as SSL (Secure Socket Layer) or TLS (Transport Layer Security). This setting is made for the IMAP or POP3 account. For specific details, see more information for each mail program below.
You may also see a setting called secure authentication, which is different. It is recommended to leave this setting off, as enabling it may prevent you from accessing your UVM email. Using SSL or TLS is sufficient protection for your password.
ThunderbirdInstructions for Mozilla Thunderbird.
Apple MailDocumentation on Apple Mail, or Mail.app.
Windows MailSee documentation on Outlook Express. documentation on how to set Gmail fetching to use SSL.
Blackberry (RIM)Documentation on configuring your Blackberry with BIS to fetch your UVM email.
Last modified November 18 2011 04:26 PM