[WEB4LIB] Netscape email and security questions

Tue Aug 3 09:45:07 EDT 1999

Anne--

> I'm hoping to get some feedback on how other libraries are addressing
> the use of Netscape email on their OPAC terminals.  Currently, our staff
> and students use Groupwise for email and are discouraged from using
> Netscape Messenger as their email application; however, more pc-savvy
> students can use Netscape Messenger by editing preferences as needed so
> it's not impossible to do.

Make it impossible.  Use Netscape Standalone 4.08 which doesn't have
Netscape Messenger.  Also, disable preferences by renaming or removing the
prefui32.dll file.  

If you still have trouble with people changing your settings (someone
might carry their own prefui32.dll on a diskette or could download one)
consider locking the whole thing down with a combination of Fortres 101
and either Ikiosk or Cooler.  Full Control by Bardon Software is also
effective and economical.

> 
> However, the primary rationale provided by our Information Tech. people
> for discouraging use of Netscape is "relay rape" and the "lack of
> adequate security"  -meaning that a user could easily disguise their
> identity and send out spam and/or messages in the name of other people
> (e.g. faculty, staff, etc.)

Right.  Letting unauthenticated users have access to Netscape Messengeer
is irresponsible.

> 
> However, this also has some undesirable effects - e.g. discourages most
> users from emailing useful websites under the "Send page" option in
> Netscape (unless preferences are edited); 

Why can't they write down the URL and send it once they're back on their
own email?  Surely, if it's that important it can wait.  On the other
hand, if it's just another Dilbert cartoon. . . .

 >forces all users to use
> groupwise (web-based client for students, pc and web clients for staff)
> as their email application, with its atttendant strengths/weaknesses.
> 
> What we would appreciate knowing is how other academic libraries are
> addressing the use of the Netscape Messenger application; specifically,
> 
> 1.  Are your users allowed/prevented from using netscape's mail
> application, for similar reasons?

> 2.  Are these security risks present in other applications (e.g.
> groupwise?).

> 
> Any other points re: the use of netscape email and security are also
> welcome.
> 
> Kindly reply to me and I can summarize for the list if desired.
> 
> TIA for any assisatance you can provide...
> 
> 
> 
> Anne Kaay
> Catalog & Systems Librarian
> Trinity College
> 125 Michigan Avenue, NE
> Washington, D.C.  20017
> Phone: (202)884-9354
> Fax:  (202)884-9362
> Email:  kaaya at trinitydc.edu
> 