Must. Have. Email.
March 11, 2005 7:28 AM   Subscribe

Can someone please help me access Gmail despite my companies officious blocking policy?

The IT department finally got around to blocking all email from work under the guise of stopping viruses from getting to the network. Using 'https' worked for a while but died recently. Meanwhile all the anonymous surfing systems online either don't work or require an expesive monthly fee to do POST activities. I'd appreciate any suggestions, especially ones with exact instructions because I'm not the most technically expert person.
posted by Vaska to Computers & Internet (39 answers total)
Are they only blocking email via the web? You could find out by using Gmail's POP mail with Outlook. [instructions inside]
posted by nitsuj at 7:42 AM on March 11, 2005

Response by poster: That's the cute thing, they're blocking it via the web and they also threaten to fire anyone who redirects it to their business email address. Also, in case anyone asks we have *no* privileges on our computers, I can't even install the Google Toolbar.
posted by Vaska at 7:46 AM on March 11, 2005

Forward all your gmail mail to your work account. You can choose to keep the copy on the gmail servers.

As an IT employee in a large organization I can assert that most of the virii that come into our network come from people's webmail. Your admins may be reaching the end of their rope between virii and spyware.
posted by tayknight at 7:47 AM on March 11, 2005

Well, you could still use Gmail POP without forwarding it to your work address. Setup a second profile in Outlook Express. Sounds like if they're being THAT anal, they probably wouldn't allow this maneuver either, though.
posted by nitsuj at 7:49 AM on March 11, 2005

See if they haven't blocked any pop3 to webmail providers and use one of them.

I've used these people before (not for gmail) and it works reasonably well. The only thing I don't like about it is that, when you reply, the formatting isn't that great.
posted by ralawrence at 7:49 AM on March 11, 2005

I'd give up this fight. Your IT department seems determined to stop you from checking personal email. Any hole you find is going to be filled, at the risk of your job.

If you reeeally want to check your email at work, you could look into a Blackberry or similar device. (but that's money)
posted by alana at 7:53 AM on March 11, 2005

Do you have a home computer with a broadband internet connection? Then set up VNC, and check you email via your home computer. I wouldn't recommend this, because your office seems pretty determined to stop you from checking your email, but at least you can tell them that it keeps web email entirely off of their computers (you'd only be controlling your computer remotely).
posted by gd779 at 8:10 AM on March 11, 2005

Good suggestion, gd779. To comment further, I use RealVNC. Super easy to install, super light-weight. I'd ask first before you install the client on your work machine, though.
posted by nitsuj at 8:12 AM on March 11, 2005

Vaska: Uh, you realize people often get fired for trying to do what you're trying to do?

Your call, of course, if you _really_ need that email.
posted by xmutex at 8:14 AM on March 11, 2005

I work in a similar environment. I'd give it up, if I were you, and just check e-mail at home. If some of your home mail is that important, give folks your work address or buy a Blackberry. It's not worth losing your job over.
posted by tr33hggr at 8:14 AM on March 11, 2005

I've toyed with the idea of handling all personal email from work, etc through Remote Desktop.
For this, you will need...
- A fixed i.p. address at home.
- An always on internet connection at home which is accessible from your work. (i.e. it's not blocked)
- A computer running XP Professional on that Internet connection.
- Port 3389 unblocked on your Home Firewall / traffic to port 3389 routed to your XP proffessional machine.
- Remote Desktop Client on your work computer.

With this configuration, you can just log onto your home PC and check your email from home. No risk of downloading viruses onto the work PC, and all traffic is encrypted.
posted by seanyboy at 8:18 AM on March 11, 2005

Don't use VNC - Use Remote Desktop Connection. It's much faster.
posted by seanyboy at 8:19 AM on March 11, 2005

I got all excited when I saw this because I'm dealing with the same policy at my work. But nothing mentioned here has worked, unfortunately (haven't gotten into the remote options mentioned above though). My way around it was to convince them to get me a dialup account and a second phone line. But I don't abuse it - most days I don't even check it. A pretty convoluted and unlikely workaround, I suppose...
posted by hellbient at 8:25 AM on March 11, 2005

Seanyboy, if you use dynamic DNS (such as this), you don't even need at static IP address.

I've previously worked at a company that would have blocked everything suggested above. The corporate filewall allowed nothing but http traffic from desktops unless specifically requested, and then required applications had to be submitted in triplicate, signed by the almighty himself. Even the sys admins couldnt access newsgroups/pop3 blah, blah with the exception of about two members of staff. Add to that, possibly the most strict site blocking I've ever seen (which amounted to blocking just about everything and you having to prove it was for business use). If your guys are anywhere close to this then I suggest you admit defeat as well or risk the wrath of the BOFH.......
posted by qwerty155 at 8:31 AM on March 11, 2005

Response by poster: Xmutex : Really? No! I've never heard of such a thing. I'm shocked! Okay, very sorry for the sarcasm but I hear this so often it's gotten a bit grinding. Without sounding too much like a jerk (Yeah, I know, too late) they can't afford to fire me. I'm also not just goofing off for the email, I'm a temp with several jobs (Welcome to the new economy eh?) and I forward my real email to gmail to check. I'm also being pretty good about only checking my email on lunch time.
posted by Vaska at 8:32 AM on March 11, 2005

heh, firewall.
posted by qwerty155 at 8:32 AM on March 11, 2005

I would suggest either sending an email to the IT department heads (possibly via your manager) or finding a new job. When my employer started scanning all internal machines for MP3s and deleting them, I sent an email telling them that when they start treating their employees like criminals, they risk losing loyalty. I lost about a gig of self-ripped audio on my workstation simply because management thought "MP3s are illegal!" It took about a month for them to finally realize this was a slipperly slope and reverse the policy.

Treating you like a dangerous intruder on their network should offend you. Instead of trying workarounds (that others have pointed out may risk your job) you should speak up and let management know that draconian policies have more negative effects than positive.
posted by Plutor at 8:35 AM on March 11, 2005

they can't afford to fire me.

Famous. last. words. But good luck on the email thing.
posted by xmutex at 8:37 AM on March 11, 2005

another solution (more for seanyboy than the original user) is to run a linux box at home on a permanent connection (doesn't have to be a fixed address - i use with a dynamic address); collect all your email there (getmail to download; procmail to filter) in imap folders; then either use an imap client or run webmail on that computer (i use squirrelmail). this works well for me, especially since i can ssh to that machine and use mairix to seach emails.
posted by andrew cooke at 8:53 AM on March 11, 2005

Response by poster: Ralawrence : Thanks.

Seanyboy, Nitsuj, Andrew Cooke : I like the idea, is there any way of doing that on an OSX box though?
posted by Vaska at 8:57 AM on March 11, 2005

Company policy at my workplace is similarly onerous for the most nebulous of reasons, so what I finally did was start bringing my Powerbook with Bluetooth, a Bluetooth phone, and bought an unlimited GPRS/EDGE10 data plan from my cell provider. Now I can read mail and browse from just about anywhere in the country.

I keep my personal hardware entirely off the company LAN, for the obvious security reasons, but this enables me to do whatever I need to do without needless restrictions.
posted by majick at 9:41 AM on March 11, 2005

VNC is a better solution because it they have webmail blocked, they most likely have most of the uncommon ports (like 3389) blocked as well. With VNC you can change it to use port 80 (as long as they are not using a proxy based firewall of course).
posted by internal at 9:46 AM on March 11, 2005

Here's something I've done in the past to encrypt all of my web traffic on it's way out my work's internet connection. It requires that you have a machine somewhere on the internet (home/colo/friend; we'll call it 'home' and your work computer 'work') running a sshd server and a http proxy (I use squid). If 'home' doesn't have a static IP, use dyndns as mentioned by andrew cooke.

This will work if your home machine runs unix, it's a mac running OSX, or probably even if it's windows, as they do have sshd and http proxies for windows.

1. Set up a squid proxy on 'home' that listens on port 8888. This guarantees that noone else will be able to use the squid proxy unless they have a login to 'home'. (You do NOT want to put up a public http proxy, so this is important!)

2. ssh from 'work' to 'home' and configure ssh port forwarding so that port 8888 on work forwards to on home.

3. Configure your browser on 'work' to use your new "local" http proxy at All http traffic will now be encrypted and sent through your ssh tunnel to your home machine, where it will be decrypted and sent to the proxy.

This is really pretty simple. If you don't have an ssh client for windows, google for putty.exe; it's small and free and works well.

If you get as far as setting up ssh and squid but still have problems, feel free to email me.
posted by cactus at 9:57 AM on March 11, 2005

You could always get a mobile phone with a data plan and POP email access, and use that to check your email while at work. My phone (Nokia 6600) does it - I got it for free from my network, and the data plan is a pittance each month (a few of our British pounds)
posted by ascullion at 10:07 AM on March 11, 2005

Also, RealVNC has a Java applet based viewer that would probably look like regular web traffic to IT (not sure about this part though--they might profile the traffic and block it).
posted by MikeKD at 10:25 AM on March 11, 2005

If they haven't blocked POP3/IMAP you can still read your google mail using say Portable Thunderbird.
posted by Mitheral at 11:17 AM on March 11, 2005

I have a question.

This is your personal email you're trying to check, yes? As in, completely unrelated to business?

So do it on your personal time. You can't sit at work and make personal phone calls all day, so why is there this perceived right to personal emails? You're being paid to do what the company tells you to do. They say you can't check personal email; deal.
posted by dirtynumbangelboy at 11:22 AM on March 11, 2005

I've had a similar problem at work. If you have a server with a broadband connection at home that runs a webserver, or if you have access to an ISP that hosts websites you should try setting up a CGI proxy. This demo (login: free, password: speech) should give you an idea of how this works.
posted by gigglesticks at 11:24 AM on March 11, 2005

i'm with dirtynumbangelboy. Don't you think that by circumventing their security you'll be a security threat? Imagine the egg on your face when the next virus to come onto the network originates from your machine.

personally I just remote desktop into one of my home boxes.
posted by furtive at 11:34 AM on March 11, 2005

furtive >> Don't you think that by circumventing their security you'll be a security threat?

My stance has absolutely nothing to do with any security risk, and everything to do with being at work, for crying out loud. Except in cases of emergency, you are there for work, not personal business.
posted by dirtynumbangelboy at 11:42 AM on March 11, 2005

Got a server with PHP on it? Run gmail-lite on it. Give yourself a businessy domain name and URL for it too. Worked for my friend's office, heh.

My friend says it is a slap to install. Just unpack the tar, basically.
posted by bonaldi at 12:00 PM on March 11, 2005

dirtynumbangelboy: So do it on your personal time. You can't sit at work and make personal phone calls all day, so why is there this perceived right to personal emails? You're being paid to do what the company tells you to do. They say you can't check personal email; deal.

Holy-grinch-er-ony dnab, was that a helpful response? At a minimum your lunch hour is your own personal time. I don't know about your local but I'm entitled to two paid 15 minute breaks plus at least 30 minutes of unpaid lunch during an 8 hour work day. And that is just the legal minimum some places provide a paid lunch break. I imagine you could say they are stealing network resources by check mail during there personal time but that seems kind of a stretch considering no one askes you to stop consuming building resources or heating/air conditioning/lighting resources during your lunch break.
posted by Mitheral at 12:03 PM on March 11, 2005

Apple has something called Remote Desktop, but as far as i can tell the screen-sharing facilities it offers are simply VNC. Plus it's $300.00. OSXvnc provides VNC for OS X, but I couldn't tell you how to configure it.
posted by seanyboy at 12:15 PM on March 11, 2005

some people that don't like their surfing blocked can use..Megaproxy. small fee, hidden urls, encryption, etc. I use it and like it.
posted by edmo at 12:44 PM on March 11, 2005

Since it's clear that they don't want the traffic on your work network, and I suspect that attempts to go around will result in diciplinary action (they may not fire you, but they might decide not pay you for a week instead), why not use another service?

You can check gmail on your cell phone. A quick search turns up Gmail-mobile. Alternately, if you can receive RSS feed to your PDA/smartphone, you can do it that way too. Were I you, I'd stay off the work network and use a cellular one.
posted by bonehead at 1:16 PM on March 11, 2005

is there any way of doing that on an OSX box though?
i haven't done it. you'd have to see if the various programs were available. i would guess it is possible - mail software on unix is broken into very standard components.
posted by andrew cooke at 2:02 PM on March 11, 2005

If you or a friend has a server with php, you could setup Gmail Lite on it...
posted by krisjohn at 3:02 PM on March 11, 2005

I'm not being a grinch; you're there to work. Doing whatever on your break is fine, of course.. except that the computers are company resources, and they're well within their rights to decide how and when you're allowed to use them. End of bloody story.
posted by dirtynumbangelboy at 4:23 PM on March 11, 2005

Who owns the computer and the network to which it's connected? If it's not you, don't try to circumvent the policies your employers have developed for the use of their resources. If you MUST check your personal email at work, buy your own computer and use your own (wireless, perhaps) network.
posted by aberrant at 10:09 PM on March 11, 2005

« Older Where to find a cheap digital camera?   |   Can Safari work with Sharepoint? Newer »
This thread is closed to new comments.