Posterous

Posterous is a hosted blogging service that looks like a neat alternative to Tumblr. I like the emphasis on using email to create posts. Everyone already had an email address and knows how to use it, so there’s no wasted effort learning a new interface.

Sour Outlook – Jeffrey Zeldman Presents The Daily Report

Sour Outlook

The next version of Outlook takes a major step back in Web compatibility.

Official Gmail Blog: Import your mail and contacts from other accounts

Official Gmail Blog: Import your mail and contacts from other accounts

It’s hard to believe one could have still been stuck with mail in different accounts.

Google Adds IMAP Access to Gmail

After lagging behind Yahoo!, Google has added IMAP support to Gmail. This means that if you want to read your mail using a client like Thunderbird, Apple’s Mail, or MobileMail on the iPhone, any messages that you read on the client will be marked as read on Gmail’s web interface. It was annoying previously that whenever I opened up my email on my iPhone, all the mail that I’d already read during the day would pop up as new. Here’s the announcement from Google, and here’s a list of instructions on how to set it up. The iPhone gets its own page, and a video showing you how to set it up. There’s also a page explaining how they’ve translated Gmail’s Labels to IMAP folders. I don’t use labels too much—my mail needs are pretty simple—but this is a big deal because Gmail lets you apply multiple labels to the same message, while most mail systems tend to only allow a message be in one folder.

You can check to see if your account has had IMAP access turned on yet by going to Settings → Forwarding and POP. If it has a section for IMAP access, you’re set. If not, you’ll have to wait until Gmail upgrades your account. It doesn’t seem that Google Apps accounts have been upgraded. Mine hasn’t at least.

Update

Seems Google Apps accounts are being upgraded, too, so I’ll just have to wait until mine gets switched on. Also, you can reportedly use this to upload old mail to Gmail, if you have any stuff sitting around from other accounts.

Update 2

Here’s the post on the Gmail blog.

Update 3

My account’s active now. Here are some tips on how to set up your Drafts, Sent, and Trash folders to sync back to Gmail from Mail and MobileMail.

Don't Provide Your Email Password to Another Service

There’s a feature on some websites you might have seen recently. They offer to import your address book from a webmail service like Gmail and check to see which of your friends are already using their service. (Some will even spam your friends who aren’t without asking you, but that’s the subject for a whole different article on best practices.) This feature—asking for your Gmail, Hotmail, etc. password to check your address book—has become common practice on a lot of social network sites, and this is a very bad thing.

Don’t give out your email password to any third-party service, just like you wouldn’t ever give out your ATM PIN. It’s a bad idea, and it’s inappropriate of them to be asking for it. They’re asking you to trust their privacy policy, and they’re probably a new small company with no reputation you can look into. But even Facebook does this. With the login and password to your email account, any unscrupulous person with access to that data can very easily steal your identify by using the “I forgot my password” link on any other website where you have an account, quite possibly including your bank.

A new technology called OAuth has just made some news which will allow websites to share information like online address book contents without the need to swap passwords back and forth. This is exactly what’s needed, but it will take time for many services to evaluate and implement. Six Apart’s David Recordon wrote a good piece explaining OAuth. In the meantime, make it a practice never to type in your Gmail password anywhere but a Google site.

Facebook Messaging just got better...

Facebook Messaging just got better…

Do they really want me to use their little message program instead of email? Maybe the kids already do.

Daring Fireball: On Top

Daring Fireball: On Top

I hadn't really given much thought until recently about top- vs. bottom-posting. "Does it take more time to edit the portions of quoted text included in your reply? Yes. So does spell-checking and proofreading."

Daring Fireball: Non-Top-Posting Reply Scripts for Apple Mail

Daring Fireball: Non-Top-Posting Reply Scripts for Apple Mail

"My first must-fix annoyance is that Mail’s Reply feature is hard-wired to encourage top-posting, an uncouth and illiterate practice."

Jeffrey Zeldman Presents : E-mail is not a platform for design

Jeffrey Zeldman Presents : E-mail is not a platform for design

How to Import All Your Archive Email Into Gmail

How to Import All Your Archive Email Into Gmail

Gmail recently added the ability to check POP mail, and just dropped the restriction that the feature wouldn’t work with other Gmail accounts, so you can now import your old non-Gmail mail. It’s not quite simple, but it works nicely.

Use Gmail to Send Mail From Other Addresses

Use Gmail to Send Mail From Other Addresses

You can now set Gmail up to send out email from another account, if you need to.

New version of gCount

New version of gCount

I use this little program to check my Gmail for me without having to keep the browser window open. A few weeks ago Gmail changed something and gCount stopped working. This new version fixes that.

Law Barring Junk E-Mail Allows a Flood Instead

Law Barring Junk E-Mail Allows a Flood Instead

Spam volume has increased by a third since the CAN-SPAM legislation went into effect.

DomainKeys Versus the Spam Kingdom

As slashdot reported yesterday, Gmail has begun signing all its outgoing mail using Yahoo!’s DomainKeys. The system works like a very complicated wax seal. Imagine that I told everyone that I’d never send a letter without melting my seal onto it, and imagine that it’s impossible to duplicate my seal and only I have access to it. If you got a letter from me bearing my seal, you’d know I that it was from me and no one had already opened it. If you got a letter that didn’t have a seal, you’d know it might not be genuine. Google is the first major mail provider to support the technology (including Yahoo!, even though they invented it), but hopefully their backing will get other services to jump onboard.

An interesting consequence of this is that lots of legitimate services are going to start getting themselves into trouble. Say you read a news story you think a friend might find interesting. You might click their little “email this” button, fill out your name and address, their name and address, and click “send.” Many sites will send the email with your address as the sender. The problem is that you didn’t really send this email, the news site’s server did, and it’s just pretending to be you*. This doesn’t seem like that big of a deal, but generally I don’t want any email going out from my account if I didn’t actually type the message.

Since Gmail is now signing all of its messages with a domain key, you can be certain that any unsigned mail from a Gmail address was not sent by that address’s owner. In the above example, the email sent from the news site wouldn’t be signed, as it didn’t go through your email provider. Gmail has already started putting in a warning message whenever an unsigned letter comes in, so if you get a news snippet it might register as suspect because they spoofed your address. This is a good thing, because hopefully it’ll put the pressure on legitimate sites to stop spoofing.

Most email has very little security built in. Spammers use that fact to send out millions of messages using fake email address. Virus writers use that fact to send out malicious code using your address. From what I can tell, DomainKeys is a good, open service that anyone can use for free. If enough email providers jump on board, it could virtually eliminate spam.

*Yahoo! does this correctly. It sends all its mail from “refertofriend@reply.yahoo.com” and puts your address in the “reply-to” field. Many websites get it wrong, including the comment notification systems in Movable Type and TypePad.

Gcount and Gmail Notifier

Now that I’m using Gmail as my primary mail provider, I’ve gone searching for a few utilities to make it work more like a desktop client.

The two biggest gripes I have with webmail are that it doesn’t work with mailto: links and that you have to check manually to see if you have mail. I’ve found good solutions for both of these issues. At work on my PC I use Google’s own Gmail Notifier, which pops up a little dialog by the system tray. It also lets you associate it to mailto: links, but seems to get confused if you also use Outlook for another account. For MacOS X I’m really liking gCount. It sits in your menu bar and turns red and optionally plays a sound when you get new mail. To make gCount your default mail handler you’ll need to open Apple’s Mail, go to its General Preferences, and select it instead of Mail.

I considered using Gmail Loader to import all my old mail, but decided against it because the mail doesn’t get imported with the right date and I think it’ll only be a matter of time before Google implements an import function (they already have for contacts).

Gmail Primary

In the interest of saving money I’ve decided to let my .mac account lapse when it expires next month. Please consider my Gmail account to be my primary address for the time being.

I very much prefer client email to web-based, but unless someone wants to throw some venture capital my way (I have tons of ideas) so that I can quit my job and work from home, webmail works better when moving from my work PC to my iMac to Katherine’s PowerBook.

PGP for Apple Mail

I got around to setting up PGP on my iMac today. Email doesn’t have very much built-in security, so without a system like PGP there’s no way to know that the message you’re getting from someone is actually from who it’s supposed to be from and says what it’s supposed to say. Here’s how to set it up to work with Mail:

1. Download the latest version of GNU Privacy Guard for your version of MacOS.
2. Mount the GnuPG Mac OS X disk image and run the .mpkg installer.
3. Download the latest version of GPGKeys.
4. Decompress the .tar.gz and drag the GPGKeys file to your Applications folder.
5. Run GPGKeys. From the “Key” menu, select “Generate…” A Terminal window will open. You can select the default options for each choice unless you know what you’re doing. When prompted, enter your real name, email address, and comment (handle). Once the key is generated you can quit Terminal.
6. Download the Sen:te PGP plug-in for Mail.
7. Run the “Install GPGMail” script.
8. Open Mail. Everything should be working now. When composing a new message you’ll see a new checkbox that lets you choose your key and sign your message. When receiving a signed message you’ll be able to verify it.

Of course, this will only work for me when I’m using my home computer and not my Gmail account, but at least I have it set up now.

It's Not a Flower

I get a small but steady flow of undeliverable mail notifications that seem to be the result of a virus. Chances are that someone out there who has me in their MS Outlook address book has a virus that’s sending out messages posing as me and probably others. My understanding is that if you use MS Outlook you should be running a virus scan about once every 10 minutes.

.mac Webmail’s Unreliability

Dear .mac Team,

I pay $99/year for your service. For me, the most important parts of the .mac package are the wonderful email and webmail interface you’ve designed. While I love the ease of use and ability to use iSync to keep my address book mobile, I feel it is inexcusable that I see this screen an average of 2-5 times a week. I only use webmail during office hours. Such unreliability should not occur during peak times.

You need to fix your reliablity issues if you want me to continue paying for your service, especially considering the good things I’ve been hearing about Gmail.