Hi my Friends
i'm writing a book for beginners to teach them how to protect themselves in computer's world. but i have a question about email.
if you do some googling about email managing methodologies you'll find some ways to check your email such as email client programs (like thunder bird, outlook) or web mail.

some website says avoid using email clients just use web mail and others has reverse idea. i wanna ask which ways is MORE secure for email managing?

As you know  email server uses to protocols POP3 and IMAP which protocols is best for  email clients program (i mean for security purpose)?

Thanks

Cyber.spirit

 

please help me i need it to my book

Your right man nothing in security world is 100% true or false and those two ways has thier own risks or benefits. But totally i mean very  totally is it a good idea to download all of the mails on the pc? I think using an email client like thunderbird and configure it to use remote folder (with imap portocol) should be more secure (not 100%) what do u think?

It's only secure if you take additional measures to protect it. Use SSL with IMAP and encrypt your hard drive.

Yes man i googled it many times. But as i said my book is for beginner and i think u can guess most of them are windows user and if email client's problem is downloading all of attachments as i've said u can use imap to work with a remote folder. So any other problems with email client? I think with email client u can avoid web session hijacking attacks and MAYBE SOME OF phishing attacks so it must be better whats ur idea? And email clients like thunderbird can let av to scan the mails

Then you should have already found most of the arguments for webmail vs email clients from Google results. What resources have you obtained so far?

You're really talking apples and oranges here. Different vulnerabilities affect webmail vs email clients. Yeah, an email client probably isn't affected by web session hijacking, but it can be affected by heap or stack buffer overflows. Third party plugins can cause security issues as well.

In the end you can't say one is better than the other - it's up to the user's personal preference. In some cases you can't use webmail (eg: if you work in a corporation that requires you use Outlook). In other cases, webmail might not be good enough because it's hosted on someone else's servers.

superkojiman most of the results is about speed or the differences of services and so on not security and those security results has different ideas.

Jjwinter not a bad idea i'll work on it