Problem:
Accessing your mail account by the means of a secure connection is no longer a privilege, but a must. And especially when using public hotspots it’s quite important that not only the login process gets secured, but the content transmission too (I don’t like broadcasting my private mails in the ether). Recently Google introduced a HTTPS setting for all Gmail accounts.
More on this topic can be found in the Gmail help: Enabling the HTTPS setting
But despite being free for all Gmail users, there’s no such a setting for Google Apps mail accounts. Or more precisely – for the users of the free Standard Edition (look here at the comparison and check the “SSL enforcement for secure HTTPS access” tick).
Solution:
Fortunately, there’s a small workaround which can be used in that case. If you have such a possibility, make a web redirect for you domain in the form of:
gmail.example.com -> https://mail.google.com/a/example.com/
This way accessing gmail.example.com (or any other address you like in your domain, for instance webmail.example.com or mail.example.com) will redirect you to the secure login page of Google Apps Gmail. What’s important, this way Google remembers the setting (accessing the login page with HTTPS) and all the way long the connection is secured with SSL. A bit ugly, but works and till the time Google rethinks its features politics, it’s probably the only way to get it done without going for the Premier Edition.
Update:
This is probably no longer valid as Google began the deployment of this feature without prior limitations.
Seems Google is faster than my blog postings are. Don’t know if it’s a general feature deployment process, but my free account just got a HTTPS switch in the settings panel. Good to see they are indeed at times rethinking things.