This howto discusses the setting up of a new BCISGNet TLS/SSL secured email service email account for use with the Mozilla MUA (Mail User Agent, aka Mail Reader), and other MUAs. Including the M$ Outlook Express MUA.


We recommend setting up a BCISGNet email account using IMAPs (SSL secured IMAP) for compatibility with the BCISGNet WebMail service. Though the POPs (SSL secured POP3 protocol) can be quite satisfactorily used in conjunction with the our email service. We recommend the use of the IMAP protocol for maximum compatabilty as IMAP allows the mail to moved between multiple folders (directories) on and off the BCISGNet servers. Even if you do not intend to use the webmail service there is still the single important advantage that IMAP allows you to download the body of an email for reading on demand. Which translates to real a cost saving if you are using a dialup account. The POP protocol has no facilities to move mail on or off the server and worse requires all new emails to be completely downloaded (even though you can set the 'leave messages on server' option in the accounts server options, which allows for limited compatibility with the the BCISGNet WebMail service.

Server Certificates

The BCISGNet TLS/SSL secured mail service uses server certificates signed by our own BCISGNet CA (Certificate Authority) rather than signed by a 'commercial' CA, an otherwise rather costly exorcise. Allowing us to provide a fully TLS/SSL secured service without the burden of such costs, which one might add provides no added value to either the functionality or strength of encryption what so ever. The only impact is a rather 'rude' insistence that the certificate is untrusted by some proprietary MUAs or the gentler hint that the certificate authority is not recognised by Mozilla. The only value of a commercially signed certificate is in it's recognition, and asking for the acceptance our server certificates prior to use, we think, 'is not much' to ask all considering.

Note: Accepting a Server certificate is as simple as clicking on an OK button in a popup dialog. The opportunity is usually also presented to permanently remember the certificate. We recommend permanently remembering our server certificates in order to avoid the otherwise rather pesky popup. BCISGNet CA reserves the right to change its certificates from to time for administrative purposes. However impending changes will be notified to our users and on our website. The most MUAs also have a feature to permanently remember passwords. Which is usually presented in the password request popup dialog. Use this feature with discretion and in line with any security policies applicable.

For your convenience the howto is split into 3 parts as they are heavy on the graphics