We are currently being attacked again, and are working with our partners to deflect the attack. At the moment our email services are inaccessible.
We greatly appreciate your support and will do everything we can to resume normal operations.
If you can’t reach our regular websites, please see http://status.runbox.com and https://twitter.com/Runbox for updates.
UPDATE 18:30 CET: We are partly back online after putting in place new countermeasures.
UPDATE 19:15 CET: Our email services are currently inaccessible and we are working to mitigate the attacks.
UPDATE 19:25 CET: Email services partly online again.
UPDATE 19:50 CET: Some of our customers will have intermittent access while we implement various measures. We can’t provide any details about these, but it’s a fairly busy day at Runbox. We greatly appreciate your understanding and support while we fend off these attacks.
UPDATE 23:26 CET: We are starting to open up services again for the time being. There will be an incoming mail queue. Thanks again for your understanding.
UPDATE 00:13 CET: Services are returning to normal now. There will be an incoming mail queue for a while. Thanks again for your patience and understanding.
UPDATE 01:46 CET: Services are continuing to return to normal now. There will be incoming mail delays for a while as external mail servers that tried to deliver mail earlier try again. Thanks once more for your patience and understanding during the last few hours.
UPDATE 08:45 CET: Services are currently running normally.
Thanks for the update, keep up the good work!
Thanks, Kamil!
Fully support how you’re dealing with these atrocious attacks, even if it means being without email for a while – don’t give in to the bastards.
Really appreciate the updates – thanks
Julie
Thank you, Jane!
Damn it I have accounts in both vfemail & runbox and both are affected. Is it the same bastards? Can anything be done?
I agree with Jane. Don’t give in.
It seems like Hushmail and ProtonMail, only to name these, are currently experiencing the same DDoS attacks, and have been targets over the past days.
It would be interesting to investigate, during the next “cyber-ceasefire”, on whether only small, independent and security-oriented e-mail providers were targeted, or if standard and larger providers were also attacked these days.
Were you and your partners able you trace back the country of origin of past days assaults?
In any case, I wish you the best of luck countering this. You provide an excellent service year-long, keep up the good work!
Nick
I’m a relatively new user of Runbox, and wanted to ask you something.
Does the DDoS attack merely mean that sent email, or email sent to me, will simply be delayed in arriving?
I’m concerned that messages I send or which are sent to me, might disappear.
I wish you every success in permanently fortifying your system against such attacks, in the interests of your customers.
Thanks for keeping us informed and thanks for not giving in.
Thanks a lot for your updates.
Keep calm and carry on !!
i really appreciate the status updates as i am working on a project that is also having a crisis myself and these update have enabled me to retrieve information i needed so i could continue working using an alternate server.
i agree. you can’t give in. next time they will want more money and it only empowers them to attack other people.
thanks for being such a good service.
Tony, these attacks should not impact your incoming or outgoing email. These will be delivered when the attacks stop. The incoming mail might fail to be delivered if the DDoS persists for a long time, a week or so – which is rarely the case.
Dear Runbox team
I have been a customer for 7 years you provide a great service and therefore have loyal customers – you will be successful in beating this off
best wishes
simon
Thanks for keeping us updated and for all the hard work!
How will you let us know that you have solved the problems? Do you have alternative email addresses for your customers? I do need my email, but support your efforts to not give into these criminals.
interestingly enough, it is my laptop that is down. i can access the email on my tablet using the android email client.
don’t know if that helps any
Marsha: We will update you here. Your problem is lack of incoming email or not being able to log on to your email?
Elizabeth: That can happen depending on the settings used. But there will not be new incoming email, even if you can access your email, right now.
Damn, had to reinstall windows today, so i need to verify my account via email to access my steam account again. Agreed to play with some friends today ;_;
But anyway, since that didnt work I went out in real life agiann today 😉 thanks hackers 😛
Nick: Due to the nature of the attacks (distributed and using compromised computers) it’s very difficult to trace them.
Thank you for your support!
Keep up the good fight! Thank you for all you do.
Vfemail’s host has abandon them. Its going to have some tough time for the near future according to their site. Did I read correctly that protonmail may have paid the blackmail?
Thanks to everyone at Runbox! We really appreciate your efforts and for keeping us posted. Runbox’s philosophy and security stance are a large part of why we subscribe and will continue to do so.
Agree with Jane, Björn, simon and others – your customers appreciate what you do for us. Keep strong. We’re with you.
Alec
I have both hushmail and proton…neither gave updates like this site.
Hushmail came back, but now intros with CloudFlare which I’ve never seen (apparently an umbrella secure site which such email servers subscribe to.) I changed my p/w immed on login
I can’t obtain access to proton (Sat. midnite since 9 am EST)–thankfully just started a month ago and was planning on migrating emails to there. Dead white space. –rethinking THAT.
Wonder if it is a coordinated US (pick three letters) attack to keep everyone unsecure for continued infiltration and access.
Well done, Runbox! Kudos to you and your ISP and hosting partners for standing against the DDoSers. You didn’t pay and you won in every aspect. You also helped others by preventing the group from getting more funds to run even more attacks to get funds to run even more attacks. ProtonMail did pay and they effectively funded the continued attack against themselves and a new attack against Runbox.
You’re rocking Runbox!
R: Hushmail decided to go to CloudFlare to get protection and I can understand them as it is a easy way out of the problems.
For us that was not a option for privacy reasons. Using CloudFlare means that all traffic to our services would go to CloudFlare before they go to us. That is not what our users want.
nobody: We also worked hard to alert the ISPs of the nodes that was being used in the attacks. I dont know if the others that were affected did this. They might have.
Greetings,
Thanks very much for all your updates thus-far on the situation. I’m aware from the press the stress this is causing to you and the rest of the team at Runbox. However I can only try to imagine ferocity of the situation.
Thank you very much for not paying for the service of these bastards. Keep your head and please stay focused and continue to provide the excellent service you provide us. As a good man once said Don’t let the bastards get you down!
Thanks Kim…I will use Hushmail as a “public” server. and not post anything there of a private nature…I think once out of this mess, I will give Runbox a serious look…more caring than most
TO “Nobody”: How you find this out about Proton? I looked everywhere
THX
Nobody et al…I found Proton news via privacy search engine Ixquick
Proton using WordPress blog to highlight chronology of events, lessons for all of us. They suffered through 2 events, paying $6K via Bitcoin for first wave of flooding attack. P said it needed to pay since $100hundreds losses were impacted by its customers.
Second wave, however, was considered “state-sponsored,” with heavy backing by those against encryption as a policy or as a right of freedom. Supposedly, these backers did not like the usage of VPNs.
P planning on coming on line next week or so…major rehabilitation of its network
Will I go back, probably not…state-sponsored will never tire of the intrusions
why don’t they just go away and leave us alone, versus wasting tax dollars to investigate nonsense…
http://arstechnica.com/security/2015/11/crypto-e-mail-service-pays-6000-ransom-gets-taken-out-by-ddos-anyway/
Looks like another company paid just like protonmail and still gets taken out.
I am so sorry this is happening to Runbox. I can only imagine the work hours that have gone into trying to keep things running.
Runbox has been an excellent support to me. Always on top of everything! Quick and patient to explain or fix whatever I’ve needed.
Thank you for keeping me informed and thank you for your excellent service! Why would I ever want any other e-mail service!