One such activity is to redirect any “non-WWW” requests to the server to the proper “www.domain.com” structure, just to keep everything neat and tidy. Since it is not a URL redirection service, the overall length of the domain name shouldn’t matter.

The complaint from McAfee is as follows:

“When we make a request to the root directory (/) of the web server the server responds with a 301 or 302 redirect to another domain.”

I may just be a bit “old school”, but I certainly don’t consider “www.domain.com” to be a different domain from “domain.com”, but apparently McAfee has to, or at least they believe that they have to now since we haven’t had this problem in the past.

So now, it seems that we have to remove this redirection in order to pass the security scan and retain the “McAfee Secure” rating for the web site.

One of these days we may be able to get back to designing web sites for the users, and not for search engines and security scanners, but that day still seems to be far off.

One service that MicroSoft offers intends to help consumers avoid “phishing” scams, or online scams in which a web site attempts to appear to be another web site in an attempt to steal personal information such as passwords, account numbers, etc. A common version of a “phishing” scam is one in which an e-mail is sent to a potential victim that explains that their account information at some web site needs to be updated. The links in the e-mail send the person to a site that looks an awful lot like the site that the e-mail mentioned, but it is not, and unless the user is savvy enough to glance in the “address” bar of their browser, they may not know that they are not on the correct web site.

To correct this from happening, MicroSoft introduced the “Phishing Filter” to MSIE with the intention of notifying a user that the web site that they are on is not what it actually claims to be. In other words, it alerts you to when one web site is pretending to be another.

Today, I noticed that a web site that I am developing was triggering this phishing filter for some reason. There was no obvious problem that should lead the filter to believe that the web site was pretending to be another, so I filled out the form and decided to check the FAQ on MicroSoft’s Phishing Filter. However, when I tried to access their FAQ, I received the following warning:

In other words, the web site “phishingfilter.microsoft.com” is pretending to be “smartscreen.microsoft.com” by using its security certificate.

This service that is supposed to protect me from one web site pretending to be another is itself attempting to use the certificate of another web site.

This does not instill trust! Do not do the exact thing that your service is supposed to be preventing – seems like common sense.

(As an aside, MS responded promptly to my inquiry and resolved the issue with the site that I am developing, the SSL cert issue remains.)

Another example comes from a web site which offers analytics services. The site touts how great their analytics software is, how you can’t be without it, and generally provides all of the marketing pitch that you would expect from such a web site. However, after I checked the source code of the web site I noticed a curious thing:

The web site that is touting their analytics software uses Google Analytics for its own analytics. I supppose that this is to track their PPC advertising campaigns, if their own analytics is unable to track this information, but it does seem strange.

This does not instill trust! Don’t use a competitor’s product in your own sales pitch – don’t let a customer see you driving a Toyota to your job at the Chevy dealer as a sales representative.

In and of themselves, these two examples are really no big deal and do not represent any major problems or flaws, however, they are enough to cause me (the potential customer/user) to doubt the services that both of the companies in these examples were offering.

Nobody likes to receive unwanted e-mails. The advertising, scams, ‘phishing’ plots and other garbage that arrives in our Inboxes is an inconvenience, even if all that we have to do is press the Delete button when we receive them. Many e-mail users cannot be bothered with configuring ‘white’ and ‘black’ lists and rely on their e-mail service provider or web host to tackle these issues for them.

In addition to the anti-spam measures that your provider may take, there is another step that can be done to reduce the amount of rubbish that arrives in your Inbox. It is simple and easy to accomplish, if your host allows the relatively common feature of e-mail forwarding. (Contact your e-mail service provider if you are not sure whether or not you have this feature).

In a nutshell, the quick and free anti-spam measure involves forwarding your e-mail through Google’s GMail service. The details of this procedure will follow. The reason for doing this is simple – although GMail has come under fire from some concerned citizens, the fact remains that their anti-spam filters (some borrowed from other companies) are among the best, and their service is free. Their filters are constantly being improved and updated, so it seems to be a no-brainer to take advantage of this. The issue then is how to use GMail’s filters while retaining your e-mail address of you@yourcompany.com.

Since Google announced that GMail can be accessed via POP3 (the standard method of e-mail programs to connect to e-mail servers), it is no longer necessary to go to the GMail web site to send and receive mail through the service. This opens up the possibility of using GMail for anti-spam and anti-virus protection while not having to change the e-mail address on your business cards.

The process is simple – first, register for a GMail account if you do not already have one. Second, follow the instructions provided by Google for setting up your GMail account in your mail program (Outlook, Outlook Express, Thunderbird, etc.) Third, access the control panel for your e-mail (again, consult with your e-mail service provider on how to set up mail forwarding) and forward your mail to your GMail account.

Do not delete the information from your original e-mail account in your mail program – this will enable you to send e-mail ‘from:’ your original e-mail address and not from your GMail account. This provides the transparency to correspondents as all e-mail will appear as coming from your you@yourcompany.com address, and all incoming mail will be coming through GMail, and consequently, through GMail’s filters.

This method does have its drawbacks – there have been times when mail with certain attachments (html pages in particular) is blocked by GMail. Therefore, it is good to have an unadvertised ‘backup’ e-mail address on your primary domain that you can give to people who need to send you files via e-mail that are being blocked by GMail. The benefits of using GMail’s filters outweigh the inconveniences – we have noticed a significant drop in unwanted e-mail since implementing this simple redirection on our mail accounts.