No option for HTTPS/SSL with Dreamhost's Gmail?


#1

There appears to be no option to enable HTTPS/SSL for your webmail when you use Gmail with Dreamhost. A normal Gmail account has this option, Gmail through Dreamhost does not.

There is no “always enable HTTPS” option as per https://mail.google.com/support/bin/answer.py?answer=74765&topic=13262

There is no way to enable SSL for the domain as per http://www.google.com/support/a/bin/answer.py?hl=en&answer=100181

They’re just on on the settings page, but my regular Gmail account does have these!

There is nothing to be found about this by searching these forums or Google. Am I the only one who is worried about this, or am I the only one who’s too stupid to find this option?


#2

It isn’t really “Dreamhost’s Gmail”. It’s Google’s Gmail.

You’re right, the setting isn’t there if you login through your google.com/a/domain.com interface, yet the option is there on all ‘regular’ Gmail accounts. They do have a ‘beta’ overlay on the Mail icon within Aps so that might have something to do with it. Maybe they’re waiting for enough people to request the option as default - or perhaps will offer it as a paid extra in the future.

One thing of note is that the login page is https, as is the logout function. This is probably the important part really, and is the same as the default Gmail behaviour.

Off Topic: I just noticed when testing this out on various accounts is that one of my mail.domain.com results in a 404 when it should be directing to Gmail like the rest do, so thanks for posting about this or I may not have noticed that for some time!

Maximum Cash Discount on any plan with MAXCASH


#3

The problem that securing ONLY the login/logout is POINTLESS if from then on your cookie (used to authenticate you) and your emails fly over the internet unencrypted.

This means that checking your email through the Dreamhost setup is totally insecure, and anyone can hijack your account. Goodbye privacy, goodbye access to your email. Check the current tech sites: Gmail is insecure without HTTPS and that’s a big problem.

So without a HTTPS function, Google’s Gmail/Apps through Dreamhost is an insecure “feature” that seriously SUCKS.


#4

It’s Google Apps mate, not Dreamhost.

https://www.google.com/a/

Use Dreamhost email or a standard Gmail account if you require ‘complete’ https email transactions.

Maximum Cash Discount on any plan with MAXCASH


#5

Yes, well, obviously. Did you think Dreamhost would offer a service that looks like Google, is hosted by Google, and is called Google Apps/Gmail/Calendar?

The point is:

Using Google Apps/Gmail through Google is SECURE.
Using Google Apps/Gmail through Dreamhost is INSECURE.

I don’t understand that someone at Google or Dreamhost said, “Well, we’ll offer the Dreamhost customers 99.9% of the functionality of Gmail, EXCEPT the very important option to check your mail securely. For people coming to Gmail via Dreamhost, we’ll just remove this single option.”

Conclusion: Gmail through Dreamhost SUCKS.


#6

No, the point is Gmail through Google Apps doesn’t allow “always on” https in individual mail account settings. Yet.

I was struggling to ascertain what makes you think Dreamhost have somehow setup the way that Google Apps functions, until I realised you’re unaware of how the Google Apps system actually works. I’ll try give you a quick rundown.

Google introduced “always on” https in late July. It was rolled out over their regular Gmail accounts. These accounts are single entities. They are not invovled in any domain transactions like Google Apps accounts. Gmail accounts are running in a different system.

Google Apps is a domain orientated system. The adminstrator of domain mail is the one who is responsible for switching “always on” https transactions for the domain’s clients. If you were a Google Apps Premier Edition admin (ie. they have your credit card and are charging you) you’d have the functionality already. If you’re not you’ll just have to wait it out.

It might pay you to check your admin account because it is being rolled out to non-paying customers, but the paying ones get first call.
And rightly so I should think.

  1. Visit https://www.google.com/a/cpanel/yourdomain.com

  2. Sign in with the ‘Domain Admin’ account you setup initially.

  3. Click the [color=#0000CC]Domain Settings[/color] TAB along the top.

The SSL switch for Google Apps will appear between your New Services and Features and Control Panel fields.

If you don’t see it yet, ensure you have selected to ‘Automatically add new Google services’ and ‘Turn on new features’ then sit back and wait until they get around to you. If you can’t wait to have https functionality across your Google Apps, I’m sure they’ll be happy to sign you up for Google Apps Premier Edition.

There is no conspiracy.

Maximum Cash Discount on any plan with MAXCASH


#7

That’s a real bummer. The only Apps account I have aside the Dreamhost one (which is for a European domain), DOES have the SSL option. The one for my Dreamhost domain does not. I guess I’m stuck till its my turn to be “upgraded” by Google for this account as well.

Thanks for the explanation. I hope this gets fixed soon, as it’s pretty much unacceptable in today’s situation, with internet café’s, open wifi networks, etc.


#8

Agreed.

Portable email clients with public key encryption are a necessity these days too.

Maximum Cash Discount on any plan with MAXCASH