As for RIMS part in BIS email… When you type a message on the BB it goes to RIM’s server or onto the BIS. From the point of writing the message to the server it’s encrypted. When it hits the BIS for processing that stops… there is no encryption for BIS like there is for BES – which is why you want SSL enabled for email…
The following is the breakdown:
For incoming email the Yahoo port is 143 no SSL – that cannot be changed… that is the “deal” they have with Yahoo and you can’t change it to the typical SSL port for Yahoo which is 995. For outgoing… the BIS basically logs into your Yahoo account and the “send” is like you sent it from Yahoo on the web. People like email clients so they can select enable SSL (or encryption). Typically, that is why people use the email clients on their smartphones. If the outgoing is the equivalent of “web based” you are offered no advantage of going through the BIS. Yahoo incoming/outgoing has no SSL enablement – again, you might as well be accessing Yahoo from the web.
Gmail can be on port 143 (which mine was) with no SSL or port 995 with SSL – the outgoing is the same as Yahoo’s scenario. RIM/BIS log into Gmail and it goes out as if you were on the web… Now Gmail uses “https” by default (they recently changed that whereas before you had to enable that feature.) “Https” is secure… So Gmail looks better with encryption for outgoing, but you would need to check to make sure you are not on the incoming port 143 like I was, unknowingly. Gmail’s incoming/outgoing is the equivalent of other smartphones – you can get Gmail secure. Heck, Gmail is secure on the web… but Keep in mind that depends on what you think of Google themselves – I think they know more than they should in regard to my personal business and limit their use.
Hotmail can be on port 110 no SSL or port 995 with SSL. The outgoing is the same – like you were on the web, and Hotmail like Yahoo offers no “https” so you have no SSL for outgoing. Hotmail “can” (depending on the incoming port you have set up) deliver incoming secure – but not outgoing.
The carrier specific addresses like (carrier)blackberry.net is port 110 incoming no SSL and port 25 outgoing no SSL. So, this is like Yahoo – just… nothing.
In regard to security the BIS offers nothing over web based mail…
Based on the above I will be deleting my AT&T account as well as Yahoo through the BIS… If you aren’t a Google fan, you really have no “good “option here for email through the BIS.
At this time they have no intention of changing this. They also said this information is all readily available through “Terms and Condition” when you set up your email through the BIS. I haven’t checked but so what if it’s there – it’s bad. They can wave it like a banner but it still sucks. The iPhone, HTC’s, Nokia ALL have the ability to encrypt or enable SSL for the incoming/outgoing ports for their email clients. That is just the norm right now. Again, that’s a big reason people use smartphones…
At least disclosing the above (not buried in terms and conditions) let’s the user decide how to protect themselves. Especially since credit card statements and banking can be done online now.
I wanted to know what was behind the BIS wall…
Now we know – there is no wall.
Sandy
p.s. I had to submit a support ticket and pay RIM .99 to get this information – to get specifics about the ports, which is not disclosed in the Terms and Conditions…
