On 2004-01-29 12:33:35 +0000 Chris Green chris@areti.co.uk wrote:
Why is it that so many of them use IMAP as the source of the mail they allow you to access?
It's probably trying to avoid wheel reinvention. IMAP is quite a nice method of remote access (apart from uw-imap) and it moves a lot of the complicated problems from the web interface program to the server. At worst, you have to handle mbox, mh and maildir mailboxes, along with any shared mailboxes, newsgroups and so on. That said IMAP connections often aren't easy to configure, in my experience. They're not used as much as POP3 and normally by power users, so many ISPs and authors aren't very good at describing the settings required: they seem to assume you already know them or can figure them out.
WebMail really wins when you want to be a little paranoid and only open your IMAP server to the places that you know you want access from. A misconfigured/badly written IMAP server will let you send passwords over the net as clear text, and give an attacker full read-write access to all your files. I've seen it done. At least if you only allow IMAP access to your local network and the webmail server, it limits the potential for damage.
If you want a WebMail that does other tricks, you probably will have to look harder to scratch that rarer itch. Please keep your review notes as you go along and publish them afterwards, to save those that follow from repeating your work. You might even get helpful suggestions after you first publish those notes.