Apple Mozilla Software

Mac Email Showdown

ComputerWorld has a rather good showdown of email clients on Mac OS X. The best breakdown of features I’ve seen on the Mac side in some time.

That said, I think they were slightly unfair to Thunderbird. For example, Thunderbird does have calendar support via Lightning which wasn’t mentioned (though it does indicate webmail support via extension). I’ve been using it with Google Calendar and it’s been working very well for me. It also says that Thunderbird can’t read from the Mac OS X Address book, though it should be noted that’s now fixed for the next release. It does however in another part of the breakdown briefly discuss Apple’s upcoming Mail release.

Another interesting note is that there doesn’t seem to be any mention of Entourage still not being available as a Universal Binary, meaning it’s very slow on Intel based Mac’s as I’ve mentioned before. We won’t see it as a Universal Binary until 2008. As someone who uses it daily at work, I’m counting down the days. IMHO this problem alone makes Thunderbird a much better mail client (minus the lack of Exchange support).

Does anyone know if Mail supports exchange? The review seems to think so (see the chart), though I thought that was only over IMAP. Apple seems to agree with me (emphasis mine):

Mail works with the following account types: POP, IMAP, .Mac, and Exchange (only if configured as an IMAP server). You can’t log in directly to Hotmail, AOL, or any service that does not support POP or IMAP access, and retrieve email using Mail.

I wouldn’t really call that support.

Other than those things which I believe aren’t quite accurate, I actually liked the review. I though it was a decent breakdown on a level I haven’t seen before. It exposes features that few really look at (search for example), but really matter in terms of user experience.


MoFo’s MailCo To Coincide With MoCo

Did you catch that title? Thunderbird has a new home, but it’s not moving far. I mentioned this a few weeks ago. The most interesting bit is this:

The new organization doesn’t have a name yet, so I’ll call it MailCo here. MailCo will be part of the Mozilla Foundation and will serve the public benefit mission of the Mozilla Foundation. (Technically, it will be a wholly owned subsidiary of the Mozilla Foundation, just like the Mozilla Corporation.)

Awesome! And other minor details…

Mozilla will provide an initial $3 million dollars in seed funding to launch MailCo…. Mozilla may well invest additional funds; we also hope that there are other paths for sustainability.

It’s great to see it’s going to be well taken care of. Keeping it in the family is also good for XULRunner and the Mozilla platform since it ensures everyone will continue to work as closely as they have in the past. Also insures that the new organization will keep the same principles at heart that made Firefox what it is today.

The Rumbling Edge has a good list of media coverage.

In other news, Yahoo acquired Zimbra for a cool $350 Million. This has been the biggest week for email since Gmail launched.

Mozilla Security

Email Image Protection

Many people think that making an image out of an email is a good way to protect it from being harvested by spam bots. It’s now possible to convert it from an image to email link via a Firefox extension. Guess what, an email harvester can do this just as well. What’s a better solution against email harvesters? Don’t put any trace of an email address online, use a form. Yes you could distort the image a bit to make it more difficult, but using a CAPTCHA as an email isn’t going to make you any friends. JavaScript can also be done, but no reason why it can’t be interpreted (though that may be more difficult in some cases, since a JS engine isn’t the easiest thing to work with, and implementing anything less can easily be defeated by throwing some extra JS in there. Some discussion on the Firefox Extension implementation can also be found on Gerv’s blog where he proposed the idea.

Apple Mozilla

Apple iPod touch – Applications Wanted

So Apple unveiled the new iPod today – iPod touch. I’m pretty impressed with what I’ve seen thus far. It’s pretty much the iPhone without the phone. The other big Apple news today, dropping the smaller iPhone was no big surprise. In all honesty not to surprised about the price drop either. They are ramping up for a big push.

It’s no secret that I’m interested in a replacement for my aging (4 year+) Sony Clie. It’s battery life is miserable, no WiFi, software is hard to find and buggy, and it doesn’t even compare to what’s out there now. Palm OS 4 was great for 2002, but doesn’t stand a chance in 2007. This might be what I’m looking for.

iPod touch

I don’t really care about the MP3 player (it’s not 2001 anymore), video could be cool, but I wouldn’t use it an awful lot either. I’d likely load a few things on there before going on vacation, but not much more than that. What I care about what’s under the hood, Mac OS X. And the hardware that runs it (awesome display, battery life, WiFi).

That said, before I’d take out the credit card, I want to see a few things:

  • Hack-ability – I want to see that third party apps can be hacked to run on it. If I can get terminal going, and run SSH, nano, vim, or emacs, and pine I’ll be very happy.
  • Mail – Someone already wrote an Apollo IM, an app for the iPhone based on libPurple (Pidgin/Gaim). If similar desire causes someone to write an email app, I’m golden. Webmail is survivable, client application is awesome.

If I see these things emerge in some form… I’ll be thrilled. That pretty much would make the sale. If I can add applications to it it will rock. If I’m limited to Apple’s offering, then I’d think twice, since I love the browser functionality, but want some power tools that a browser just can’t handle. It’s still a great device at a great price, but not living up to it’s potential as it is out of the box. Mac OS X is designed to be built on top of.

Also on the wants list, but wouldn’t hold me up:

  • Offline Web BrowsingGoogle Gears would be most useful to have Google Reader on the go.
  • Calendar – Could be either a basic iCal clone, or just Google Calendar with Google Gears. Either would rock.
  • Address Book – Won’t take long for this to surface. Cell phone can handle it anyway. In the mean time a text file and terminal will do just fine. grep anyone?

They really should just open the platform up. Even if it’s “at your own risk” with a big warning every time you run something for the first time. Firefox on this thing would just rock. Would also be a step closer to Google Gears at that point (since it currently doesn’t support Safari even on the desktop, much less Apple’s new handheld product line).

Update [09/05/2007 @ 11:13 PM EST]: According to Ars Technica the iPod touch does have an address book and calendar! Come on third party apps!

Google Security Spam

Google Used For Spam

This happened a few weeks ago. I kept it quiet and reported it. Hasn’t happened again, and I haven’t heard anything, so I presume it’s fixed.

It appears spammers have learned to hijack Google Alerts for spamming purposes. By setting up an alert with a spam text, the email is sent through Google’s mail servers. Because it’s plain text, most Email clients will parse the link in an email to make it clickable. Effectively Google is running an open mail server. Here’s what I saw when I visited Google’s site to see if it really was in my account:

Google Spam

So apparently a spammer was smart enough to realize they could hijack this functionality to send spam through Google. I emailed Google a few week ago about this problem, and didn’t hear back. I haven’t seen another, so I presume they fixed this problem by now. From what I’ve read Google is pretty prompt with this stuff.

This just shows how careful you need to be with security of web forms. Even something innocent sounding like this can be hijacked to send nasty payloads. A spammer could have used this to send links to infected files, etc. All looking like legitimate Google emails (because they are from Google).

Here’s what the email looks like (slightly sanitized by me):

Mozilla Open Source

Open Source Corporate Email

According to ZDNet a Yankee Group report to be released next month found that of 1,000 IT managers and C-level executives, “23% of the survey respondents indicated they intend to migrate away from Exchange Server.” That’s a rather impressive number. Quite a few of those could go to Zimbra or Hula/NetMail, which could make great companions for Thunderbird, who buy the way is rapidly developing a calendar, which is starting to look pretty good.

It could be interesting to see what happens.

Mozilla Spam

The Crushing Junk Folder

Since 9/19/2006 when I last emptied my Junk folder, my personal email address has 1.65GB (yes, gigabytes) of Spam/Viruses in it. That is in my opinion a sign of a serious problem.

Oh yea, a few weeks ago, we began auto-rejecting email from certain blacklisted servers, which drastically cut down on spam. And still it almost hit the 2GB mark.

Imagine how much wasted electricity spam filtering costs due to consuming CPU cycles and hard drive I/O. Not to mention the financial cost.

On a side note, for Thunderbird users:

I like to keep a mail archive, I do so using the trash. I just don’t empty. But I don’t want my “Junk” in there. So what I do is periodically delete it.

Edit: See comment #1 for a better way, or for my way, read on.

First close Thunderbird. In your profile, find your Mail folder, then your mail server, and you’ll see a file called Junk. Delete it and create a blank. Or in any Unix OS:

rm -r Junk
touch Junk

Then open up Thunderbird, right click on the Junk folder (will still show # of items, though none exist), select “Compact”. It will soon reset to 0. Done. Nothing mixed in your trash. Perhaps a nice extension would be a hard delete, one that didn’t go to the trash, but just wiped the contents away.

Open Source Security Software

Using Norton AntiVirus With POP3 Over SSL

I didn’t find this anywhere online, so I thought I’d post it. Norton AntiVirus up to and including 2007 doesn’t support POP3 over SSL. That’s a problem since sending mail without SSL is insecure, and sending mail over SSL with no virus scanning is also insecure. There is a fix.

Please note these directions, and intended to be a casual guide for experienced individuals. I’m not providing assistance or support.

Blog Internet Mozilla

Off Topic Mail

It seems to be happening more and more. I get emails sent either through my contact page or emailed directly to me that are extremely misguided. Often to the point where you question if they would give you their credit card number, social security number, or proof of a sacrificed first born if you just replied and asked for it. We aren’t talking about spam, but questions that really have no purpose being directed towards me, and I can’t for the life of me figure out why someone would pick me.

I’ve tried with the “emails about _____ will be ignored” warnings on the contact page, but they were ignored, so to make the page cleaner I just removed it. Apparently people who do this are so misdirected, that didn’t help ;-).

Among the more memorable ones:

  • Account/Invite Requests – This is the most popular. They typically want an account on: Orkut, Reporter, Gmail, something about ‘Mozilla Email Service’ or something like that once or twice a few years ago. Are there plans to compete with Gmail that I haven’t heard about? Even The Venice Project (which I can’t confirm or deny any sneak peak, much less share if I did).
  • It’s Broken – I answer if it’s related to code that I wrote (extension, website, etc.). If it’s a “Firefox doesn’t work” I always point to mozillaZine forums for this (since those forums do a pretty good job), can’t login to some random site including online banking or their work email, or some other site. Requests about lost passwords? Yup.
  • He’s picking on me – How to get revenge? I got one of these before too.
  • Can you help me make… – Typically a request for me to do all the work (for free) behind someones moronic business idea. Like I don’t have enough things I want to do for myself.
  • Angry Mail – These are the ones where people feel that if your online, it’s your legally binding obligation is to be their digital slave. Not even a simple request, but a demand or threat, often either abrasive or just outright offensive in nature.

There are others, but not quite as memorable. 9/10 that fall into the above categories are just ignored and deleted with no reply. After all, why even get them started. Some people do get worse than me, so I really can’t complain too much.

A few months ago I was getting some serious spam, but since I rewrote the system to include several anti-spam defenses, that’s been remedied. That of course doesn’t solve this.

It doesn’t bother me to much (it’s not like it’s flooding my email), but just one of those silly things you have to deal with. I understand the Firefox related questions on occasion, or things related to work I’ve done. But much of it is so off target it’s funny.

I do wonder if there is a better way to handle it.

Google Internet Politics Spam

Postage for Email? My Internet != Your Internet?

There’s been a lot of buzz lately over AOL and Yahoo charging to email their customers. I think this quote most likely will end up being the future:

AOL users will become dissatisfied when they don’t receive the e-mail that they want, and when they complain to the senders, they’ll be told, ‘it’s AOL’s fault,’ ” said Richi Jennings, an analyst at Ferris Research, which specializes in e-mail.

Well said. Just wait until AOL customers realize they aren’t getting order confirmations, notifications, and other email’s because the sender won’t pay.

Another concern not really discussed is the possibility of having a Level 3/Cogent style battle where one ISP refuses to let another email their customers, because they aren’t getting paid what they feel they should.

Right now, email is essentially 100% peered. Everyone emails everyone, nobody charges. You pay your ISP to run the mail server, and that’s it. If commercial entities need to pay to email you, your going to get separate charges. Want an email when your order ships? Pay extra. Want an email when this item is back in stock? Pay extra.

This is a very slippery slope. Just one or two greedy ISP’s is all you need to ruin email. Once you can’t reliably email, the system is dead. Spam can reduce efficiency, but can’t kill email. Remember Email is by far the most used protocol in business.

I doubt this system will do anything to reduce spam for AOL customers. It will however help AOL’s revenue, which I’m assuming is the real goal. A slightly bold move as AOL is assuming their customers won’t mind not getting all the legitimate email they would if they used a free Gmail or even Hotmail account.

There’s also a decent possibility AOL customers might have to pay merchants an email fee when they buy products, to help cover that cost. Of course merchants eventually will sneak in their percentage there, further hiking prices.

Personally, I think this biggest threat is a Level 3/Cogent style dispute.

Should also note there’s currently a lot going on over Net Neutrality. Google’s been thrown into the middle of that, merely because of how ubiquitous the company is. Vint Cerf’s letter on the topic is really a must read. Paying for email right is really just an inverted case of network neutrality. Instead of the middle man dictating who you can/can’t communicate with, the next ISP down the line decides. That’s no better.

The Internet as an open medium could drastically change in the next few months if some of this stuff becomes reality. There are quite a few companies out there who believe the internet is enough of a threat to their business, that they want to go as far as crippling it.