March 1, 2002

Webmail ousts nonsecure email options

Because of the popularity of the University's newly updated Webmail system, non-secure Telnet access is becoming obsolete and will be discontinued within the next year. Members of the Network Security and Enterprise Network Service Administration are currently debating when to terminate non-secure Telnet.

"The target date to discontinue non-secure Telnet is May 1, in time for seniors still using this form of Telnet to graduate," said Gregory Jackson, the chief information officer of Networking Services and Information Technology (NSIT). "By the end of the calendar year, if not before, we will no longer permit unsecured access to central services, including email."

Several students had complained earlier in the year about the unreliability of Webmail due to the heavy usage, but these problems have since been fixed. "We were learning how best to size and configure the Webmail servers for the load they would carry. This included attention to encryption mechanisms, system interactions, and lots of other details," Jackson said.

According to Jackson, the prevalence of Webmail on campus can be attributed to the changing interests of new students. Incoming students are given the same capabilities to access through non-secure Telnet, but they feel more comfortable with the familiar graphic interface of Webmail.

"The shift in usage patterns reflects the changing preferences of students who arrive here, rather than any change in University policy or preferences," Jackson said. "That is, high school students today are likely to use Hotmail, Yahoo, AOL, or various other Webmail applications, whereas students only a few years ago were more likely to use terminal-based mail. As go habits in high school, so go the preferences of first-years, and in due course of all students."

Many students are not familiar with Telnet. "I know what Telnet is, however I feel that programs such as Eudora and Webmail are more user-friendly," said first-year in the College Gur Talpaz. "When I am at home, I just use Webmail or Eudora since it can be accessed from outside the University network."

Many older students, however, have found non-secure Telnet helpful. "Everything I receive is downloaded into my hard drive, including viruses, whereas Telnet downloads all mail into the server so that it's possible to avoid viruses and unwanted mail," said Andrea Golden, a fourth-year in the College. "It seems to be a waste of time creating a new graphical interface program when the uses of Telnet compensate for all the services offered in Webmail including how to access other research tools like UNIX."

"We're giving first-years exactly all the same information about Telnet and Pine that we've always given them. The change in what they do stems partly from their arriving preferences for graphical interfaces like Webmail, and partly from the change to IMAP mail service, which permits much more 'portable' email service," Jackson said.

Another reason for its growing popularity can be attributed to non-secure Telnet's biggest problem — the concern for stabilizing a reliable source of protection and security for the program and its users. The use of encryption coding in Webmail, as well as in other programs such as Secure Socket Layer (SSL), Secure Shell Harper (SSH), Better Telnet, Kerberized Telnet, and Eudora, avoids the possibility of unprotected e-mail and files which cannot be provided by non-secure Telnet.

Jackson explained that with Telnet, the student's computer acts as a terminal, while all of the mail handling actually occurs on Harper, a time-sharing computer. With programs such as Outlook and Eudora, the mail handling is moved to the student's computer, which communicates directly with the mail servers.

"The advantage of Telnet/Pine used to be that students could access their mail and mailboxes from anywhere, since it was always on Harper, but over the last two years the move to IMAP mail has also made Eudora and similar approaches very portable," Jackson said. "Webmail makes mail more portable still, since all it requires is a suitable Web browser anywhere on the Internet."