Runbox 7 updates March – May 2023: Framework upgrades and interface improvements

May 9, 2023 Leave a comment

This constitutes a major upgrade to the framework and libraries that Runbox 7 is built on, which will facilitate further continuous upgrades and features.

It also includes several bug fixes and improvements, including storing display preferences on the server. This will make the user interface work more consistently across browsers, devices, and sessions and result in a more streamlined experience.

  1. Internal changes (deps): bump ua-parser-js from 0.7.31 to 0.7.33 (75df34d)
  2. Internal changes (deps): bump jszip from 3.7.1 to 3.10.1 (ef32ab1)
  3. Bug fix (drafts): Ensure we only refresh drafts once per folders update (f024af2)
  4. Bug fix (delete): Catch/Prevent more errors by ensuring defaults (5e83f89)
  5. New feature (mailviewer): Display incoming attachment sizes (926ab4b)
  6. Bug fix (compose): More readable attachment file size display (e44fc63)
  7. Visual changes (security): Specify which special characters are allowed in passwords. (#1401) (c575f06)
  8. Internal changes (deps): Update angular2-hotkeys to v13 (85aee64)
  9. Internal changes (deps): Upgrade to angular 12 (11b3aeb)
  10. Internal changes (deps): Update nodejs version for CI (a5cd077)
  11. Internal changes (deps): Upgrade angular-datetime-picker (2a87817)
  12. Internal changes (deps): Upgrade to v13 (4c744c1)
  13. Internal changes (deps): Change swupdate.available to swupdates.versionUpdates (ad7b36a)
  14. Internal changes (deps): Move from tslint to eslint (c010fca)
  15. Internal changes (deps): Remove –aot for start-use-mockserver (08afe91)
  16. Internal changes (deps): Remove SingleMailViewerComponent from rmm6.module.ts (ddebc3f)
  17. Internal changes (deps): Upgrade cypress to 9.7 (c38f460)
  18. Internal changes (deps): Update ical.js to 1.5.0 and use ES2020 modules (9bf6dda)
  19. Internal changes (deps): Fix selectFile file path (ee83c8f)
  20. Internal changes (deps): Update dependant packages (2c11d60)
  21. Internal changes (deps): Upgrade to angular v14 (cddac42)
  22. Internal changes (deps): Explicitly specify runbox7 for build (1b07233)
  23. Internal changes (deps): Upgrade angular/material to v13 (adef6c3)
  24. Internal changes (deps): Revert to angular/material v11 for auto upgrade (97f89cc)
  25. Internal changes (deps): Manually upgrade to angular material v12 (3e04baa)
  26. Internal changes (deps): Upgrade material to v13 (3096d97)
  27. Internal changes (deps): Upgrade angular-datetime-picker to v14 (3876111)
  28. Internal changes (deps): Upgrade to material v14 (c280c39)
  29. Internal changes (deps): Fix missing hues for SCSS (6a916d5)
  30. Internal changes (deps): Update @angular-eslint packages (8b0c16f)
  31. Internal changes (deps): Upgrade to angular v15 (2374336)
  32. Internal changes (deps): Upgrade to angular material v15 (6dc73b2)
  33. Internal changes (deps): Remove duplicate @include from SCSS (b35a68a)
  34. Internal changes (deps): Change default browser for CI to firefox (ab522f6)
  35. Internal changes (deps): Upgrade npm, comment out pre-build.js integrity check (ff13958)
  36. Internal changes (deps): remove –browser firefox from e2e tests (ab8b437)
  37. Internal changes (tests): Add DISPLAY=” to ci-tests (8441a51)
  38. Internal changes (deps): Remove unused protractor dependency (6e0f935)
  39. Internal changes (deps): Upgrade core.js to v3 (7aa65d3)
  40. Internal changes (deps): Remove unused protractor files (b7c312b)
  41. Internal changes (deps): Upgrade @angular-devkit/build-angular and move angular/compiler-cli to devDependencies (4cd4bc2)
  42. Internal changes (deps): Remove unused ajv dependency (b447972)
  43. Internal changes (deps): Upgrade angular-calendar (a273376)
  44. Internal changes (deps): Update rxjs to v7 (a87c0b3)
  45. Internal changes (deps): Upgrade @angular/pwa (d4850f0)
  46. Internal changes (deps): Remove array-flat-polyfill (8c527d8)
  47. Internal changes (deps): Update moment-timezone and remove uneeded @types/moment-timezone (478eb5a)
  48. Internal changes (deps): Update rest of dependencies (excluding timymce) (5ed129b)
  49. Internal changes (deps): Update jasmine to latest version (d0084df)
  50. Internal changes (deps): Upgrade karma to latest version (da8a151)
  51. Internal changes (deps): Update ts-* deps and node types (0b7abb4)
  52. Internal changes (deps): Update start-server-and-test (ee77754)
  53. Internal changes (deps): Update eslint and @typescript-eslint (4285f0d)
  54. Internal changes (deps): Update cypress to v10 (d350af9)
  55. Internal changes (deps): Update cypress to v11 (480b506)
  56. New feature (all): Store user preferences on the server (1409515)
  57. New feature (compose): Store last used HTML compose setting (dc1a75e)
  58. Bug fix (mailview): Store “prompted for local index” preference on server (0d9085e)
  59. Internal changes (preferences): Ensures tests set defaults, test correct values (035f28c)
  60. Bug fix (preferences): Remove old style local storage after conversion (7ca13b7)
  61. Bug fix (preferences): Ensure higher server version takes precedence (d8766f8)
  62. Bug fix (preferences): Load screensize before settings (da76123)
  63. Internal changes (deps): Update cypress to v12 (4ba7f7e)
  64. Internal changes (lint): Only include src/ else we run out of js heap memory (f359c38)
  65. Internal changes (deps): bump @npmcli/arborist and npm (9cf4279)
  66. Bug fix (compose): Generate Reply/Fwd header text only when needed (7afcbf7)
  67. Bug fix (compose): Convert reply/fwd text if compose HTML default is on (c512556)
  68. Bug fix (maillist): Store and reload column widths from preferences (cfb732d)
  69. Visual changes (preview): Improve formatting of the empty preview pane. (60fcacf)
  70. Visual changes (mailviewer): Increase vertical flexibility of subject field. (364272b)
  71. Visual changes (mail menu): Improve read and unread icons. (93e75ae)
  72. Bug fix (changelog): Add missing categories and improve formatting. (fd5c902)

Continue Reading →

Phishing: What it is and how to avoid being scammed

March 31, 2023 Leave a comment

In the past few weeks there have been a series of phishing attacks aimed at a small subset of Runbox customers. The goal of these scams is to trick unsuspecting email users into clicking on malicious web links and entering their Runbox username and password, enabling the scammers to steal their password.

At Runbox we are constantly on guard against phishing attacks against our customers, and here we take a closer look at this increasing problem and some simple steps you can take to protect yourself.

As a summary, ensure that you check:

  1. The From address. Phishing messages almost always come from a random email address that do not match our list of Official Runbox Email Addresses.
  2. The message addresses you by name. Scammers typically only have lists of email addresses without any first or last names, so if the message does not address you by your first and last name it is likely to be a scam.
  3. The legitimacy of any email with links. Check where the link will actually take you. Hover over it with your mouse, and you can see whether it will in fact take you to some random address not associated with Runbox at all.
  4. Any false urgency. Runbox will never pressure you to act suddenly. Scammers may try to create a sense of urgency to persuade you to do what they’re asking.

What is phishing?

Example of a recent phishing message

Phishing is a type of cyber attack in which an attacker attempts to obtain sensitive information such as usernames, passwords, or credit card details by posing as a trustworthy entity via email messages.

The word “phishing” is derived from fishing and refers to using lures to “fish” for sensitive information. Phishing attacks typically use social engineering to gain a victim’s trust, and use spoofing such as faking an email address or URL to make the attack appear legitimate.

When phishing attacks are targeted at certain services or individuals it’s called “spear phishing”, and in this case they appear to be sent from Runbox Support, the Runbox Team, or other similar official sounding names.

Email users who are unfortunate enough to receive a spear phishing message and end up divulging their Runbox login details can end up having their Runbox accounts hijacked and used to send spam, which then forces us to suspend the accounts until the customer can regain access.

With access to an email user’s account the attackers may then be able to access their personal information and use it to commit fraud or identity theft, which can in turn result in financial loss or worse.

Naturally such account hijacking causes much confusion for the affected customers in addition to the privacy intrusion and consequences for the recipients of the spam being sent, which is often another phishing scam. The phishing then continues to cascade to new groups of innocent users of other email services, while exploiting people’s trust and rarely being caught.

It is important to understand that these scammers are criminals, and that being tricked into disclosing any login details can have serious consequences.

How to spot phishing

The easiest way to see whether a message is in fact from Runbox is to check the From address, as phishing emails almost always come from a random email address not on any Runbox domain names such as runbox.com.

Example of legitimate email from Runbox

You can find more details on this here: How can I tell whether an email is legitimate?

Another important clue is whether the email addresses you by name, or whichever name you have entered in your Runbox Account details. Attackers typically only have lists of email addresses without any first or last names, so if the message does not address you by name it is likely to be a scam.

The third way to check the legitimacy of any email which asks you to click on a link, is to check where the link will actually take you. Some phishing links look like they link to a Runbox web page, but if you hover over it with your mouse, you can see that it will in fact take you to some random address not associated with Runbox at all.

If in doubt, go to our main website Runbox at https://runbox.com for information, or contact us via Runbox Support at https://support.runbox.com.

Do not be fooled or threatened by the scams

Most phishing emails have a very urgent and even threatening tone, trying to scare the recipient into acting right away to avoid having their account shut down or disrupted.

The scammers might even read our blog or other web pages and notice that we have two webmail versions, and subsequently send messages claiming that if you don’t switch to the newer version within X days, then your account will be shut down, for instance.

Legitimate messages from the Runbox Team will always give notice about something happening in the future, or optional new features.

Catching the scammers

We are constantly working to improve our defenses against phishing attacks, spam, and viruses, and we take immediate action to remove spear phishing messages as soon as we become aware of an attack.

If you have received any scam emails like the ones described above without responding in any way then your account is perfectly safe. We do however appreciate you notifying us via Runbox Support at https://support.runbox.com so that we can take steps to protect you and our other customers against the attack.

We also highly recommend enabling our Two-Factor Authentication features, which will keep your account safe even if your password should be stolen. For more on this, please see our Account Security Help page at https://help.runbox.com/account-security/.

If you have any doubts about an email you have received, then please don’t hesitate to contact Runbox Support at https://support.runbox.com.

Continue Reading →

On the EU-US data transfer problem

March 19, 2023 Leave a comment

At Runbox we are always concerned about data privacy – “privacy is priceless” – and we put some effort into keeping ourselves updated on how the EU’s General Data Protection Regulation (GDPR) affects privacy related issues. That’s because we want to be prepared in case something happens within the area that will affect the Runbox organization, our services, and consequently and most important: our customers.

The case of EU-US data transfer is highly relevant because Runbox has an organizational virtual modus operandi, and that this could lead to an opportunity to involve consultants that are residing in the US. We know that many of our customers are as concerned as we are about data privacy, so we believe it is pertinent to share our findings.

In blogpost #15 in our series of the GDPR we referred to the Executive Order signed by US President Joe Biden on 07 October 2022. This happened six months after the US President and the President of the EU Commission Ursula von der Leyen with much publicity signed the Trans-Atlantic Data Privacy Framework on 25 March 2022.

Joe Biden and Ursula von der Leyen at a press conference in Brussels. [Xavier Lejeune/European Commission]

In this blog post we will take a closer look at the Trans-Atlantic Data Privacy Framework, and the process thereafter.

Trans-Atlantic Data Privacy Framework

The objective of the Framework is to (re)establish a legal (with regards to the GDPR) mechanism for transfers of EU personal data to the United States, after two former attempts (Safe Harbour and Privacy Shield) were deemed illegal by the Court of Justice of the European Union (CJEU).

The Framework ascertains United States’ commitment to implement new safeguards to ensure that ‘signals intelligence activities’ (SIGINT, intelligence-gathering by interception of signals) are necessary and proportionate in the pursuit of defined national security objectives. In addition, the Framework commits the US to create a new mechanism for EU individuals to seek redress if they believe they are unlawfully targeted by signals intelligence activities.

Following up the 25 March 2022 Biden–von der Leyen agreement, the US president signed on the 7 October 2022 the Executive Order (EO) ‘Enhancing Safeguards for United States Signals Intelligence Activities’.

US compliance with the GDPR

Subsequently a process was initiated on 13 December 2022 within the EU Commission to assess whether the US, after the implementation of the EO, will meet the requirements qualifying the US to the list of nations that is compliant with the GDPR Article 45 “Transfers on the basis of an adequacy decision”. That is, whether the European Commission has decided that a country outside the EU/EEA offers an adequate level of data protection. To those countries, personal data may be transferred seamlessly, without any further safeguard being necessary, from the EU/EEA.

Inclusion of the US on that list is of course very important, not least for companies like Facebook and Google, and US companies offering cloud-based services as well. The Court of Justice of the European Union (CJEU) has deemed earlier transfer schemes (Safe Harbour and Privacy Shield) illegal, so “the whole world” is waiting for the EU Commission’s adequacy decision.

This came, as a draft, 14 February 2023 where the Commission concludes (page 54) that “… it should be decided that the United States ensures an adequate level of protection within the meaning of Article 45 of Regulation (EU) 2016/679, …)

(The figure below illustrates the “road” for legislative decisions in the EU. A more comprehensive description of the legislative procedure can be found here.)

However, the same day, 14 February 2023, the Committee on Civil Liberties, Justice and Home Affairs of the European Parliament concludes.. the EU-US Data Privacy Framework fails to create actual equivalence in the level of protection; ..” and “..urges the Commission not to adopt the adequacy finding;”.

Incompatible legislative frameworks

There are two important arguments, among others, behind the Commission’s conclusion: 1) There is no federal privacy and data protection legislation in the United States, and 2) the EU and the US have differing definitions of key data protection concepts such as principles of necessity and proportionality (for surveillance activities etc.), as pointed out by the Court of Justice of the European Union (CJEU).

Shortly thereafter, on 28 February 2023, the European Data Protection Board (EDPB) made public their opinion on the decision of the EU Commission regarding the adequacy. The EDPB has some concerns that should be clarified by the Commission, for instance relating to exemptions to the right of access, and the absence of key definitions.

Furthermore, the EDPB remarks that the adequacy decision is only applicable to US organizations which have self-certified, and that the possibility for redress provided to the EU data subjects in case of violation of their rights is not clear. “The EDPB also expresses concerns about the lack of a requirement of prior authorization by an independent authority for the collection of data in bulk under Executive Order 12333, as well as the lack of systematic independent review ex post by a court or an equivalently independent body.”, as stated in Opinion 5/2023.

The next step in the process is voting over the Commissions proposal in the European Parliament, probably in April, and thereafter the adequacy decision must be approved by all member states, before the EU Commission’s final decision.

The Commission may set aside the results of the voting in The Parliament, but one should expect that the critics from The Committee on Civil Liberties, Justice and Home Affairs, and the concerns of EDPB, will impact the implementation of the Framework.

Here it would be prudent to recall the statement made by the Austrian non-profit organization NOYB, chaired by Maxmillian Schrems: “At first sight it seems that the core issues were not solved and it will be back to the CJEU sooner or later.”. This refers to the verdicts of the CJEU (Court of Justice of the European Union) condemning the former frameworks Safe Harbour and Privacy Shield – the verdicts bearing the name Schrems I and Schrems II, respectively.

Bottom Line: The final outcome of the process is unclear, but in any event we have to wait for the final decision of the EU Commission.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought regarding any specific circumstances.

Continue Reading →

Runbox 7 updates November 2022 – March 2023: Performance improvements and other upgrades

March 2, 2023 Leave a comment

Improvements to the app performance as well as several bug fixes.

  1. Visual changes (start): Improve formatting. (cdd4304)
  2. New feature ure(index): Separate message updating into its own thread (0c5470a)
  3. Internal changes (index): Tweak tests (and code to pass tests) for web workers (0a9f4b0)
  4. Bug fix (index): Ensure we verify folder counts against the api (1830cbb)
  5. style(payment): Clarify main accounts vs sub-accounts. (f5bd0ef)
  6. Visual changes (payment): Improve tables and buttons, and default to USD. (bf9d7a2)
  7. Visual changes (payment): Correct button style declarations. (6ed082a)
  8. Bug fix (test): Update tests. (5bcb46d)
  9. Internal changes (index): Tidy up some debugging code (6c80615)
  10. Internal changes (deps): bump engine.io and socket.io (9f38fd3)
  11. Internal changes (deps): bump decode-uri-component from 0.2.0 to 0.2.2 (f6d83a1)
  12. Internal changes (deps): bump tinymce from 5.10.0 to 5.10.7 (e0637d9)
  13. Internal changes (deps): bump express from 4.17.1 to 4.18.2 (f173b2c)
  14. Internal changes (index): Remove some index/worker console logging (f257902)
  15. Bug fix (messagelist): Ensure drag&drop of selected emails moves them all (633515d)
  16. New feature (messagelist): Allow drag&drop from more table columns (db21e68)
  17. Geir/condensed layout 2 (#1338) (8640b1d)
  18. Bug fix (inbox): Show notification when new messages appear (ef603ef)
  19. Geir/condensed layout 2 (#1344) (42a7a72)
  20. Bug fix (maillist): Add error catching for the mail list updating (89499bd)
  21. Bug fix (messagelist): Ensure user-actions don’t stop the index updates (509839a)
  22. Bug fix (messagelist): Log errors thrown by postMessage, keep worker alive (034dbb9)
  23. Visual changes (payment): Add link to Sub-account section. (2384b37)
  24. Internal changes (deps): bump json5 from 1.0.1 to 1.0.2 (6b8514b)
  25. Internal changes (deps): bump luxon and rrule (fe0405e)
  26. Internal changes (deps): bump qs from 6.5.2 to 6.5.3 (ac8703c)
  27. Internal changes (deps): bump moment-timezone from 0.5.28 to 0.5.35 (3516498)
  28. New feature (overview): Improve time span options. (02358ef)
  29. Internal changes (deps): bump ua-parser-js from 0.7.31 to 0.7.33 (75df34d)
  30. Internal changes (deps): bump jszip from 3.7.1 to 3.10.1 (ef32ab1)
  31. Internal changes (deps): bump http-cache-semantics from 4.1.0 to 4.1.1 (0f6c62f)
  32. Visual changes (payment): Change description of pending/incomplete transactions. (#1371) (6952fa6)
  33. Bug fix (overview): Make Inbox selection more lenient. (50d5218)
  34. Bug fix (folders): Ensures we refresh the folder list on a name change (5fd354a)
  35. Internal changes (api): Filter for successes in te API folder calls (c13796f)
  36. Visual changes (login): Simplify and improve login screen. (#1377) (a5c5f85)
  37. Bug fix (drafts): Ensure we only refresh drafts once per folders update (f024af2)
  38. Visual changes (folders): Increase width of folders modal. (a50aa6d)

Continue Reading →

Christmas wrap-up: Runbox 7 Upgrades in 2022

December 23, 2022 Leave a comment

Here at Runbox we have been hard at work over the past several months making improvements to Runbox 7, our cutting edge webmail app available at https://runbox.com/app.

Our goal is to develop the fastest and most user-friendly email service available, and as we’re winding down a bit for the holidays we take the opportunity to tell you all about the many bug fixes and other improvements we have made based on feedback from you, our customers.

The most noticeable change is that we have decreased the font sizes slightly, which allows a much more efficient use of the available space in your browser:

Runbox 7 screenshot

Based on your feedback we have fixed a large number of issues that makes the Runbox 7 app more streamlined in everyday use. Through a series of Quality Milestones and a thorough review of Runbox 7 feedback along with diverse support requests we have made over 70 improvements to:

  • The overall performance and reliability of the app
  • Folder and message list displays
  • Compose and the Draft Desk, including attachment handling
  • Message view including the display of HTML and images
  • Settings including Identities and Account Security
  • Contacts and Calendar interfaces
  • Product and payment pages

You can find a complete list of all the updates made to Runbox 7 as well as a detailed changelog in the Runbox 7 app itself.

After this period dedicated to improving the quality of existing functionality in Runbox 7 we are gearing up to continue implementing the Runbox 7 Roadmap in 2023, so stay tuned for new features and improvements coming your way in 2023!

Continue Reading →

Runbox 7 updates August-November 2022: Streamlining and bug fixing

November 22, 2022 4 Comments

Improvements and bug fixes to several parts of the app.

  1. Internal changes (deps-dev): bump karma from 6.3.2 to 6.3.16 (cf19be5)
  2. Bug fix (account-security): Load App Passwords switch enabled, if in use (cdbef1c)
  3. Internal changes (deps): bump terser from 4.8.0 to 4.8.1 (4234974)
  4. Bug fix (2fa): QRCodes for 2fa should be readable in more browsers (f450220)
  5. Bug fix (tests): Github actions tests failing, try more heap size (d96715c)
  6. Internal changes (deps): bump moment from 2.29.2 to 2.29.4 (7f25bbc)
  7. Checks the msg IDs given to API for certain endpoints are valid (ef6acfa)
  8. Replaced text for alias as per request from #1091 (dccf1a9)
  9. Adds a link to caldav sync guide on calendar (c30f4ab)
  10. Bug fix (api): Don’t show errors while loading data in the background (ac23654)
  11. Bug fix (searchservice): Fix compilation error (d4156c8)
  12. sstyle(payment): Clarify main accounts vs sub-accounts. (e7a2c18)
  13. Visual changes (payment): Improve tables and buttons, and default to USD. (84dc7e9)
  14. Visual changes (payment): Correct button style declarations. (4f4f50a)
  15. Bug fix (test): Update tests. (24ac6d0)
  16. Internal changes (calendar): Correctly ad/modify events in calendar service tests (ddeaf33)
  17. Bug fix (changelog): Ensure typos in commit entries do not break the page (09ed2e4)
  18. Visual changes (payment): Payment interface updates. (#1319) (ee47246)
  19. Bug fix (compose): Ensure we can attach same file twice in compose (014c462)
  20. Bug fix (compose): Only run one draft saving attempt at a time (bf44d90)
  21. Bug fix (compose): Adds code checks to fix issues from sentry reports (3769663)
  22. Bug fix (messaging): Ensure msg fetching works after network is restored (0233288)
  23. Bug fix (calendar): Setting “all day” flag on events now saves properly (007b2d5)
  24. Bug fix (compose): Enable drag&drop of images into HTML compose window (87a06f9)
  25. Bug fix (compose): Enable inserting attached files into HTML compose (ea1d989)
  26. Bug fix (compose): Remove drag&drop to compose html window (788fb1a)

Continue Reading →

Privacy, GDPR, and Google Analytics

October 23, 2022 2 Comments

This is blog post #15 in our series on the GDPR.

GDPR

Four European Data Protection Authorities (DPAs) have thus far concluded that the transfer of personal data to the United States via Google Analytics is unlawful according to the General Data Protection Regulation (GDPR).

It is quite certain that other European DPAs, including the Norwegian Data Protection Authority, will follow suit because all members of EU/EEA are committed to comply with the GDPR.

Website analytics vs privacy

Everyone who manages a website is (or should be) interested in the behavior of users across web pages. For this purpose there are analytics platforms that measure activities on a website, for example how many users visit, how long they stay, which pages they visit, and whether they arrive by following a link or not.

To help measure those parameters (and a lot of others) there exists a market of web analytics tools of which Google Analytics (GA), launched in 2005, is the dominant one. In addition, GA includes features that support integration with other Google products, for example Google Ads, Google AdSense and many more.

The use of GA implies collecting data that is personal by GDPR definition, for instance IP-addresses, which can be used to identify a person even if done in an indirect way. GA may use pseudonymization, using their own identifier, but the result is still personal data.

The fact that data collected by GA, of which some data is personal, is transferred to the USA and processed there, has brought the DPAs of Austria, Denmark, France, and Italy to conclude that the use of Google Analytics is not compliant with the GDPR.

None Of Your Business

This conclusion has been reached after complaints submitted by the Austrian non-profit organization NOYB (“my privacy is None Of Your Business”) to a number of European DPAs.

The complaints are based on the Court of Justice of the European Union (CJEU) concluding that the transfer of personal data to the US, without special measures, violates the GDPR.

According to NOYB the Executive Order signed by US President Joe Biden recently will not solve the problem with EU-US data transfers with regards to the potential for mass surveillance.

DPAs on the case

The Danish DPA writes that even if Google has indicated that they have implemented such measures, these measures are not satisfactory in order “to prevent access to transferred personal data by US law enforcement authorities”.

Datatilsynet logo

The Norwegian DPA has thus far received one complaint regarding Google Analytics, and they are saying on their web site that the case is being processed.

They “will place great emphasis on what other countries have come up with”, they say in an email conversation.

Runbox will continue following these developments and keep you updated.

Note: Runbox used GA during a short period between 2011 and 2013. When we became aware of how Google collects data and how they potentially could use these data across their various services, we terminated the use of GA in October 2013. Since then we use only internal statistics to monitor our service and visitor traffic on our web site, and these data are not shared with anyone in accordance with our Privacy Policy.

Continue Reading →

Runbox 7 updates August-September 2020: Webmail improvements

September 25, 2022 Leave a comment

Webmail improvements including Saved Searches, which lets you instantly bring up results of previously saved search terms.

  1. New feature (identities): Order From entries by priority
  2. New feature (dkim): Add a note about selector2 and when it will become active
  3. New feature (account security): Improve password validation and error messages on Account Security to avoid confusion
  4. New feature (dialog): Allow submitting dialogs with Enter/Return key
  5. Bugfix (canvastable): Make sort icons show actual sorting direction
  6. New feature (webmail): add a way to save and reuse searches
  7. Visual fix (app): Remove obsolete instances of mat-icons
  8. Bugfix (startdesk): Fix linter and policy errors
  9. Bugfix (folders): Improve folder count reliability in some edge cases

Continue Reading →

Runbox 7 updates July-August 2020: Performance and Contacts improvements

August 29, 2022 Leave a comment

Improved and more consistent performance, a new menu for marking messages read and flagged, improved Contacts layout, and many other fixes and improvements.

  1. Bugfix (webmail): Update local (non-index) folder counts on refresh
  2. New feature (login): Set inputmode to show email and numeric keyboards on mobile as appropriate
  3. New feature (webmail): Always show popular recipients component if enabled, even with no local index
  4. Bugfix (account): Redirect domain renewals to domain registration app
  5. Bugfix (webmail): Ensure folder counts are updated after read/unread
  6. New feature (webmail): Change icons and tooltips when a message is deleted from trash
  7. New feature (compose): Add debug logs for measuring impact of recipient loading
  8. New feature (folder): Speed up folder size calculations
  9. New feature (webmail): Separate read/unread, flag/unflag in multi-menu
  10. Bugfix (menu): Hide account security until its backend issues are resolved
  11. Bugfix (mailviewer): Load mailpane status (vert/horiz) on page load
  12. Bugfix (compose): Set focus in textarea for replies
  13. Bugfix (contacts-app): Correct filtering options background color
  14. Bugfix (contacts-app): Fix positioning of email contact icon
  15. Bugfix (contacts-app): Make middle column width adjust to its content

Continue Reading →