One of the most fascinating developments on the Web in the past two years has been the emergence and evolution of free e-mail services. These Web-based electronic mail tools have evolved from mere curiosities to services with features that are attractive to enterprise users. Unfortunately, those features mask some important security risks. Despite those risks, many corporate users are using free e-mail because of its convenience, ease-of-use and flexibility for the traveling user.

Free e-mail services are based on a simple business model: The cost of providing e-mail service is cheap. If an Internet user provides some information about their interests and buying patterns, advertisers are often willing to pay for a user’s electronic mail service. Privacy advocates cringe at the thought, but thousands of online users give away demographic information every day to get free e-mail accounts. If you’re willing to be exposed to a steady stream of online advertising, then free e-mail services offer you electronic mail and a lifetime e-mail address.

Any wary online user should note that a lifetime on the Web is probably a couple of years, and "free" has a variety of meanings. In fact, one of the first free e-mail companies that promised a lifetime free e-mail service, FreeMark, has already folded. Another company has taken over its previous customers, and a free e-mail account at that provider now costs $23.95 per year.

Corporate mail users have been signing up for free e-mail services in droves. One reason may be that the services make it possible to avoid policies that ban the use of corporate mail for personal activities. A more telling reason is that Web-based services enable users to read mail from publicly accessible mail servers. Travelling corporate users love the ability to check their mail from anywhere on earth with just an Internet connection and Web browser. I know some travelling executives who no longer tote their notebooks. Since most conferences and business destinations provide access to the Web, travelers can use free e-mail accounts to read and respond to their everyday mail.

Of course Web-based mail isn’t a substitute for traditional e-mail clients. If you use both, a user must constantly check the inbox at a traditional mail client and then use the Web to get mail from their free service. But one company, New Email Communications Systems, Ltd., has built a gateway called CwebMail for two of the most popular free e-mail services. That means you can retrieve, read, respond and send free electronic mail with your traditional mail client. By simply creating an e-mail account that communicates with the gateway -- instead of the Web-based service -- you can avoid the advertising on the free e-mail services and still take advantage of the free account. Mail that passes through the free e-mail gateway looks just like mail from any other Internet-based mail service. Internet users love it because it allows you to manage all your mail accounts -- corporate, personal and free e-mail -- from a single mail client. Purveyors of free e-mail hate it because it breaks the business model on which their services are based.

There’s a different issue that’s important. If you are using a Web-based e-mail service to pick up mail from a standard e-mail account -- or, if you are using a gateway that provides access to a free mail service -- you have to provide your user account and password. If you are picking up mail from your corporate account you have to send the Web-based e-mail service the name of the mail server you intend to use, your user account and the password that goes with it. I wonder how many users think carefully about handing over their account details to a third party before taking advantage of this service.

In the case of the Web-based mail gateway you must supply the user account details of your free e-mail service to intermediary servers that act on your behalf so you can retrieve messages from the free mail servers, and then return them to your mail client.

Some corporate network managers might be uncomfortable with the fact that these new mail services have access to user account details that are normally not shared with outside organizations. In either case, free e-mail services have pointed out a telling corporate need: Travelling users need simple, secure access to electronic mail using a Web-based interface. Until network administrators meet this need, users will continue to take the risk of handing over sensitive account information so they can have the benefits of Web-based electronic mail. --Mark McFadden is a consultant and is communications director for the Commercial Internet eXchange (Washington). Contact him at