Securing mail from your website to a mailbox

By default a wordpress installation uses a method of sending mail that does not use a mailbox to send the message and does not encrypt the message. Email cannot be confirmed to be end to end secure unless you know the receiving or sending person is using encryption and is set up correctly; you can encrypt mail in the places where you control email so that it is encrypted from the website to the mailbox. If it is your mailbox, and you know that your mail client is set up correctly with encryption, then you have end to end security. If the website is running over SSL and the address starts with https:// (98% of them are now), then a user entering information into a form is also encrypted. So the path from the users browser, through your contact form, from the website to your receiving mailbox is encrypted and cannot be intercepted as plain text.

How do I make the changes

Log into your website and go to Plugins.
Seatch for WP Mail SMTP, locate it and install it. Continue reading Securing mail from your website to a mailbox

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Do You Send Newsletters?

New recommendations for Newsletters

Some of you are using Mailpoet on your websites to generate newsletters. I have run into a lot of problems sending out my newsletter this month, I have had to send it three times. I checked through my logs and found that a very small number came out last month as well. I have been investigating what has happened.  The top two entries in the image below show there is a problem because rather than a 65%+  opening rate, there is a 4% opening rate.

Continue reading Do You Send Newsletters?

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Google Recaptcha v1 Withdrawn

YOU ONLY NEED TO TAKE ACTION IF YOU CHECK YOUR SITE AND SEE A MESSAGE LIKE THE ONE ABOVE. IF YOU DON’T SEE THE MESSAGE YOU ARE UNAFFECTED.

It seems that Google have withdrawn Google Recaptcha Version 1 function that is used on some contact forms wef 31/03/2018. Please check your contact form now and see if this has happened to you. It was withdrawn yesterday. If you have this problem on your site nobody can send you a message so it is important to resolve it quickly.

Self Help

This is what you need to do:

Login to the site go to Forms in the sidebar menu and select it.

This for most people will show a single form or multiple forms. Select a form and open it in the editor and check to see if the bottom most item says New reCAPTCHA.

If you have that on your form, delete it. Then save the form.

Check ALL of the forms on your site if you have more than one. Save each one.

On completion go into your site as a user would, and locate each form and send a message to confirm it is working. Check the form still makes sense as well.

This has removed the Spam Protection mechanism used in this form. So your spam count may go up as a result of making this change.  However your visitors can still send you a message.

This particular form plugin is no longer supported by the author, so we should probably find an alternative form. Check back on this site later for a solution that uses the new or an alternative Google ReCaptcha function.

If you immediately start getting hit by an increase of Spam let me know please.

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Nominet Messages

The following is applicable if you have a domain ending in .co.uk, .org.uk or .uk

Nominet are the issuing authority that manage any domain names ending in .uk. In the 7 years I have been working with Charities and not for profit groups, I have needed to contact them twice, once being a difficult case where the registrant of a domain name had passed away. The organisation represented by the domain name needed to regain control. They are very helpful, but have been largely a passive organisation; there when you need them.

I had an instance this week, which was unusual and it raises a lot of questions, none of which have been answered. However I think it is worth raising to your attention because if your domain name is registered against your email address, and they contact you and you fail to respond, or miss the mail, or ignore it, then you risk your website and email being taken offline.  Continue reading Nominet Messages

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Webmail…..

… is not JUST webmail

I thought I would make some comments here following some conversations I have had recently with people. There may be some misunderstandings.

Multiple 10GB mail boxes

If you are using the mail accounts provided with the hosting, the mail boxes are each 10GB in size. While you can access them through this address: https://stackmail.com you can also access them through ANY device with a mail client (aka mail program).

I personally access my mail account on the following devices:

iPhone, iPad (using the native email application), Macbook using Mac mail, iMac using Mac mail, Windows 7 desktop running Outlook & Thunderbird, Windows 10 laptop running Outlook and on any of those devices I can also use a browser to get to webmail. I also run my accounts as IMAP. This means on each device, I get the same view of my mail including any special folders I have set up. This is because I am viewing mail on the server, and not locally. If I was set up as POP3 on my clients, then the server is only used as temporary storage for mail.  Continue reading Webmail…..

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

IP Geolocation and why it may be important

I frequently use something called IP Geolocation to find out where a user is located for forms, enquiries, or any log evidence of someone doing something to try to establish if they are who they say they are.

It does not work 100% but I would say it works in 99% of cases. The router or gateway you use that your network/ computer is plugged into has an address allocated to it by your service provider (BT, Talk Talk, NTL, etc). For most of us the IP address changes from time to time and is referred to as dynamic. They do this to make sure it is hard to run your own web server from home. If and when you reset your router, when it comes back online it will likely have a new IP address. You can find out what your IP address is by clicking on this link. Continue reading IP Geolocation and why it may be important

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Phishing Page

What is it?

We have all read about phishing trojans, but many of you probably do not know what they are or how they work. I came across one over the weekend while backing up a client’s website. My anti virus system prevented me from downloading the backup to my computer and warned me that one was present. As I was concerned about the security of this particular website I took it apart to find out where it was, and what it was doing.

Phishing

Phishing refers to a form of identity theft, it is where credentials like a user name and password are compromised, often without your knowledge. Other than reading about them, I had not come across one before. This one relates to stealing the credentials to access someones email address and email password.

I turned off my anti-virus (not recommended if you do not know the risks) and downloaded the zipped folder containing the files into a special area on my computer and then inspected the files. Two files contained code, one was a web page. Only one of the files was being flagged as the one containing the Phishing Trojan, the file contents were very simple, they packaged up the information and sent out an email to two recipients.  Continue reading Phishing Page

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Adding a signature to webmail

I  had a question about how to add a signature to webmail. A signature allows you to pre-compose part of your message, and for this to be added to any standard email. So in other words you do not need to write the end of your email each time.   This is a feature that is in Thunderbird, Outlook and many other mail programs. It will be buried in the features somewhere. At the end of this piece I will tell you where you can locate it in Outlook. For now this concentrates on Webmail.

What is Webmail?

Webmail is simply an application that runs in your browser and allows you to access (send and receive) email. It is very basic, but will meet most people’s needs without having to splash out for a mail program. Everyone in my hosting has access to this. Continue reading Adding a signature to webmail

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail