Beware of myMail.
If you use the my.com myMail app you may be interested in this.
With most email clients for POP and IMAP your phone or pc / tablet your device will connect directly to your mail provider and retrieve or send your messages.
When you use myMail your phone connects to the myMail servers which then login to your mail provider. At first I just thought it was a proxy, for whatever reason they force you to use their proxy was beyond me but then realized it was much more than just a proxy.
I always monitor my server logs on my mail server and kept noticing a login for my ex wife’s email account every ten minutes coming from a myMail ip address. I didn’t think much of it really because I use myMail and see connections from their “proxy” all the time. I assumed for months that she must be using it also.. Finally we talked about it and she said she doesn’t use myMail. We both checked all our devices she didn’t use it at all and it definitely was not in my myMail app.
I was really boggled and a little worried I thought maybe someone else was checking her email but it was coming from myMail servers so I didn’t really know. I changed the password on her account and then just like it had been doing for the last year, ten minutes later myMail servers tried checking her email but this time got the failed login response and never checked it again. There wasn’t one more single failed attempt and that put an end to the myMail servers even attempting to check her email.
I wondered why the hell would they still be checking her email a year after uninstalling myMail . She had used my myMail for a very short time and didn’t like it but yet a year later myMail servers are still checking her mail every ten minutes.
In the end I was kinda disappointed about the privacy and really wondered why this would happen. I didn’t know if they were actually keeping all her email or if it was just her account maybe got stuck in their server or some innocent scenario. I had no clue but it did bother me greatly.
I did a test. I created a brand new email account that has never been used for anything and added it to myMail. Sure enough just like it’s supposed to it logged into my server (through the myMail “proxy”) and checked my email. Then I signed out and removed the account from myMail.
Well that was a few days ago and the myMail servers are still checking my email every ten minutes. They could be saving millions of people’s email. My problem is they shouldn’t even be accessing your email and there’s no way to know what they do with it once they have it.
Basically if you ever used myMail even for one second and didn’t like it, they have your login credentials . They obviously have your credentials stored on their server and they could have all your emails years after you stopped using it.
It’s too bad because I really do like the app and 99% of people would never realize what’s going on in the background. They just click a button and see their email. Well this is shady and I don’t think you should have to connect through their proxy and sure as hell don’t think there’s any excuse at all to be checking accounts after they’re removed and or uninstalled the app completely.