On Mac, should I use Outlook, Thunderbird or Apple's own email client?

Just got a Mac with Mavericks. I need an email client that will work with my webmail and allow me to capture stuff from my gmail.

It's been a long time since I've set up email, so I've forgotten everything. Here are the details that my ISP sent me if it's any help.

I'll be using it for pleasure and business, so being able to keep track of conversations (like in gmail) would be really useful.

Incoming server port: 110 for POP3 accounts and 143 for IMAP

Outgoing server: smtp.*****.co.uk

Outgoing server port: 1025, if this does not work use Port 25

Outgoing server requires authentication and should use the same username and password as the incoming server.

Use secure password authentication: Off

Use SSL: Off for incoming and outgoing servers

Outlook for the Mac is garbage.. though for a simple POP account shouldnt be a huge deal.. it starts falling apart if you have large or several large mailboxes

Thanks for the response. I've got about 4k emails that I need to download (and delete huge amounts). Would you say that's too large for the client to handle?

I've been using Apple Mail about as long as it's existed, more because I'm used to it (and haven't found anything else that's clearly better) than because I actively like it. The version that shipped with Mavericks last fall had some quirks regarding Gmail accounts, but it's since been patched into making more sense.

Thunderbird is my second choice. I've seen some good reviews of Postbox, but haven't tried it at all. I'm also looking forward to the beta of the OS X version of Mailbox; I like the iOS version, but wonder how well it'll translate to the desktop.

Apple Mail and Mailmate are both pretty good.

For that super retro feel, you could try Mutt.

Outlook is pretty nasty on OSX. It even fires up the discrete GPU on Macbook Pros, so it uses a lot more battery than it should.

Thanks chaps. Sounds like I'll be using Apple mail.

I've been using Thunderbird for a long time, and I'm perfectly happy with it. In my specific case, I run an IMAP server of my own, so that my mail is in a central location, and then I can use it from any machine, with any OS. And because I use Thunderbird everywhere, everything is pretty much the same, wherever I happen to be.

I'm not aware of any other clients that are cross-platform and work as nicely as Thunderbird does. However, if you're removing mail from remote servers and storing it locally, then the mail lives on just that one machine, so a cross-platform solution would be less attractive. It still means, however, that you're not tying yourself into a proprietary solution. If, in the future, you want to run Windows or Linux, you can just move your Thunderbird profile and mail database across to the new machine, and everything should keep working.

Outlook kind of sucks on Macs, and doesn't exist on Linux at all, and Apple Mail runs only on Macs. If you're not planning on getting married to OSX, and want to keep your options open, I think Thunderbird could be pretty appealing.

Hmm. Good points Malor. I'm on a Mac at the moment, but I don't know if that will always be the case. At some point I want to get a PC for gaming so that might become the main machine. I have no plans to run servers of my own and I've no experience moving profiles and mail databases.

Really I'm the limiting factor because I want minimal hassle. Plug in and go.

Use IMAP. Your mail stays on the server, you don't have mail databases you need to move around when you switch from client to client or device to device.

You can install Thunderbird and try out Mail.app and see which you like best.

I've got email back to '97 on Mail and it still seems fine. I do have an unwieldly number of rules built up but I'm not sure if the situation is necessarily better on other clients.

Use IMAP. Your mail stays on the server, you don't have mail databases you need to move around when you switch from client to client or device to device.

Problem with that is that governments claim that email left on other servers for more than a short period of time (a month or so, I think), is 'abandoned', and that they can freely search it without a warrant. Between that and the fact that I don't particularly trust corporations with my privacy, I don't like using other people's IMAP servers for more than very short-term storage.

I run my own, so I get all the advantages of IMAP, but all the data stays under my control. This is just about ideal. I use dovecot on Linux, which I like a lot. I didn't think it was hard to set up at all, but I'm not sure how a good a solution this would be for most people. If you're not at least basically familiar with Unix, it would be a long slog to get it working. (Note that you wouldn't need a full email solution; you could use the provider to receive mail, and then just move it over to your local server via your mail client, or with a utility like fetchmail.)

If that wasn't an option, I'd rather use local databases than a provider's IMAP.

The really nice thing about a local IMAP server? I can change both servers and clients without missing a beat, and have, in fact, done so. I use to run, um, I think it was cyrus imapd, and switched that over to dovecot without having to reconfigure my clients, and I've probably used every major email client that exists, just trying them out. Using IMAP as an abstraction layer means that you're not getting married to anything or anyone... if you end up not liking part of your email solution, you can freely change it with little impact on anything else.

Malor wrote:

Problem with that is that governments claim that email left on other servers for more than a short period of time (a month or so, I think), is 'abandoned', and that they can freely search it without a warrant. Between that and the fact that I don't particularly trust corporations with my privacy, I don't like using other people's IMAP servers for more than very short-term storage.

I wouldn't consider any unencrypted message sent or received through any means as having any truly worthwhile level of privacy, particularly when the discussion is about privacy from government entities.

Granted, the perfect being the enemy of the good, I won't suggest that hosting your own doesn't provide some benefit in this area. But it's impractical for most people, and I think the privacy benefits of downloading mail via POP3 versus accessing it from the server via IMAP are questionable at best.

I hope the rumors of Google looking at bringing PGP to Gmail in a user-friendly way are true. It will almost certainly not be a perfect solution, but anything that actually puts email encryption on the table for ordinary users is an important first step.

I wouldn't consider any unencrypted message sent or received through any means as having any truly worthwhile level of privacy, particularly when the discussion is about privacy from government entities.

It helps prevent "parallel construction", where they lie about how they figured out how you had incriminating email in your system. The NSA uses its taps to find you, and then tells other branches of government to go get you, and where to look for the damning evidence. (which is WILDLY unconstitutional, but that's what they're doing.) But if you aren't storing the email on public servers, they can't easily pretend they just happened to notice it lying there.

Running your own email server also allows you to use opportunistic encryption, which helps against passive surveillance. It doesn't help against an active attack, because most OE is just using self-signed certs, so a government that has you in its sights can easily impersonate your mail server and read anything they want. And if the other side is a major email provider, they may already be be actively helping the government monitor the other person's email.

But spoks can't read the email between two servers using OE without taking active steps to do so... a passive tap won't work.

DNSSec should make that kind of MITM attack more difficult, but I don't even know how to do that yet.

Thunderbird has the nice tree view for message threads and includes a usenet interface, but these days I use Apple Mail exclusively on Mac. It's really quite good, and has some nifty features (VIPs, for example). Either way though, absolutely use IMAP. POP is a terrible protocol used by terrible people to inflict pain and suffering on others. If you use IMAP then the data all stays on the server and you can switch clients whenever you want.

Thanks everyone. I've installed thunderbird and have been working through almost 6,000 emails. I may switch things up in the future.

*Legion* wrote:

I hope the rumors of Google looking at bringing PGP to Gmail in a user-friendly way are true. It will almost certainly not be a perfect solution, but anything that actually puts email encryption on the table for ordinary users is an important first step.

I'm using GPGTools with Apple Mail and the integration is really quite good. The process of signing / encrypting is pretty much automatic. Gmail is decent in that it will separate out the signature of a sent message, but yeah, it doesn't allow you to receive encrypted email. I'm really not super surprised about this anyway, since a lot of the reason Gmail is free is because they search it so they can more effectively advertise to you.

complexmath wrote:

since a lot of the reason Gmail is free is because they search it so they can more effectively advertise to you.

That is true, which is why the news that they were researching how to implement PGP/GPG into Gmail was surprising.

Wired's story frames the idea as the hit to search being treated as an acceptable loss in the name of retaining users from abandoning Google entirely. I'm not sure how credible that idea is, but there's that.

The research also likely involves figuring out how to still data mine even if messages are encrypted. Sure, they can no longer just mine on the server, but what about performing mining client-side via JS when the user opens and decrypts the message? Maybe the Chrome browser itself scans the decrypted message and sends the mined data back to Google via the user's Chrome Sync. Or some other sort of secured connection from the user back to Google.

Pure speculation on my part, but I would not be surprised if the research involved kicking around ideas like these.