POP v IMAP – battle of the protocols

POP (Post Office Protocol) and IMAP (Internet Message Access Protocol) both have their place, but for most customers Runbox recommends that IMAP is used.

POP and IMAP are both ways in which an email program (client) can access your messages on an email service (server). This client-server relationship needs the two systems to communicate with each other and depending on which of these you choose your options for managing your email will be different.

Synchronisation

Generally speaking IMAP can be regarded as synchronising what is on the server (which you can see in the Runbox webmail) and what is on the device or computer that is using IMAP. With the increase in the number of devices we each use if you want your email contents to be the same across all your devices, then IMAP is the best option.

Online v Offline

POP is quite different to IMAP and the basic idea is to allow you to download messages from an Inbox on a server and remove them from the server. The idea behind this was that it would be particularly useful if you have intermittent Internet access and want to manage your email on your device. POP clients also have the option to leave email on the server in case you want to keep it there as a backup or download it to another device later. Some clients also have an option to delete the email after a certain period of time.

However, caching (keeping a copy) of messages in the email program also allows IMAP to provide a way of working without an Internet connection. POP still has the advantage that generally speaking all your email is downloaded and you can be confident it is stored on your machine whereas with IMAP you may need to ensure specifically that the email you want to access offline is downloaded.

Sent messages

Another of the key differences between POP and IMAP is that with IMAP email that is sent from a device is usually copied to the Sent folder on the server. This means if you start using a different IMAP device or access your email via the webmail you can also see your Sent messages sent on all other devices. Sent messages are never copied to the Sent folder when using POP and are stored locally only on the device that sent the message.

Folders

IMAP allows you to structure your email in a variety of folders and these are reflected across your devices. POP only allows access to messages from a particular folder, usually the Inbox (though Runbox has a feature called “POP from folder” that allows you to access a particular folder in your account).

Storage

If you regularly access your email then POP could mean you only need a small amount of server storage and therefore cost you less in hosting charges. For example, if you always download you email and delete it from the server then you won’t need as much storage space compared to someone who leaves all their email on the server using IMAP and may also have a folder structure they need to maintain that wouldn’t be possible with POP.

Of course with IMAP you can also copy messages to a local folder in your email program and then delete them from the server, but this needs a bit more effort whereas with POP it is a feature of this way of accessing messages in the first place.

Backups

Using POP to download all your email and at the same time deleting it from the server does mean that you might want to consider making your own backups of your email. With IMAP your email is stored on the server and this acts as a kind of backup in itself. Runbox also makes backup snapshots of your account (unless you opt out of this), but if you download all your email using POP and leave little on the server, then there might not be anything for us to make a backup snapshot of.

Why we generally recommend IMAP

Generally speaking if a customer asks us whether IMAP or POP is best for them we will recommend IMAP. There are a number of reasons for this, and some are listed below:

  • The experience across devices and between devices and the webmail is consistent.
  • It’s easy to set up two or more devices and know that you will see all the email that is in your account.
  • If you need to remove the account from a device and set it up again you won’t automatically lose your messages (with POP you would need to make a local copy first).
  • It’s easy to change your mind about what email program you want to use because email is stored on the server.

When we would recommend POP

A customer might have a specific reason for not leaving email on the server. They may want to keep their storage plan small so that they don’t need to upgrade over a period of time. They may also want to ensure that data is not stored on our servers for too long, or in our backup system.

They may also need to filter email for different purposes using the filters built in to every Runbox account, and then just access a particular folder as if it was the Inbox using the POP from folder feature mentioned above.

Server details

The server details for POP and IMAP are very similar, except that you use port 995 for POP and 993 for IMAP. You will find the full details on our server details page.

If you need any further information about POP and IMAP just contact Runbox Support.

Continue Reading →

Changes to TLS encryption security

At Runbox we are pleased to be able to provide you with secure email services. In order to maintain the security of email communications it is necessary to continually review how email systems connect and communicate with each other, and this includes how you connect to our service to send and receive email.

Encryption is important

When you connect to our service using an email program (such as Outlook, Thunderbird, Apple Mail etc.) the connection between the email program and our mail servers is encrypted so that nobody can intercept your username, password or email message content.

It’s important to use updated software that supports modern encryption methods to prevent that encryption from being broken and compromised as hackers increasingly use more and more powerful computers and techniques to decrypt data.

As such we will end support for outdated encryption methods to ensure that we provide the latest and most secure encryption between your email program and our service. This also helps us prevent unauthorised access to our servers and helps keep the Runbox service safe for all customers.

On 1 July 2019 we will retire some very old encryption protocols
and this might affect some older email programs.

The technical details

We will be retiring support for TLS 1.0 and 1.1 and will only support TLS 1.2 or later. TLS 1.2 has been around for 10 years so there has been a long time for email programs to adopt the use of this type of encryption. TLS is Transport Layer Security and is the encryption that protects your data. However, you don’t need to understand much about this to make any necessary changes.

Your email program

Most email programs that were released in the last 5 years will be compatible with the latest encryption. It is important to use the latest versions of email programs as the developers of those programs will have corrected bugs that could be a security issue. Where possible it is also advisable that you use the latest version of your computer’s operating system.

We have tested the email programs below and they all work with the most modern encryption that we use with our servers.

  • Outlook 2010 and later (Windows and macOS) – may require a registry change for Windows 7 customers.
  • Thunderbird (Windows and macOS)
  • Apple Mail (macOS) – High Sierra or later.
  • Windows Mail (Windows)
  • eM Client (Windows and macOS)
  • Gmail app (Android)
  • Mail app (iOS) – requires iOS 10 or later.
  • Maildroid (Android)

Many other email programs will also work with our service and those listed above are just commonly used ones that we have tested.

Further details and help

If you need any help on this issue, or would like us to offer advice on the email program you are using please get in touch with us.

Continue Reading →

Using your own domain name with Runbox

When you read this blog post, you will see https://blog.runbox.com in your web browser’s address bar. Our domain name is runbox.com and domains are used in this way to make the Internet easier to use. The Internet uses IP (Internet Protocol) addresses to route information from one place to another. Without domains you would need to know the IP address of the server that this page is delivered from (http://91.220.196.127).

The same is true with email addresses. If you send a message to support@nullrunbox.com, the sending mail service can work out from @runbox.com that our mail server (mx.runbox.com) has IP address 91.220.196.211.

Domains also mean that if we change our network in a way that means our IP addresses change we don’t need to tell you to remember different IP addresses as we can just point our domain at the new addresses.

Changing email provider

When choosing an email provider once of the biggest concerns expressed to us by new customers is the fact they might need to change their existing email address and tell all the people they use that address with. There are some ways that Runbox can help smooth any transition such as this, and some things you might be able to do at your current email provider:

  • Forward email from your old email provider to your new Runbox account, but reply from your Runbox address to give people time to add your new address to their address book.
  • Use the Runbox POP retrieve feature to download new messages from your old account in to your Runbox account.
  • Use the Runbox IMAP Import feature to move all your existing messages from your old email provider to Runbox.

Never change your email address again

However, as you move to Runbox, why not make changing your email address the last time you ever do this?

We would be very happy for you to stay with Runbox for as long as you like and never need to change your @runbox.com email address. However, sometimes there are good reasons why you might need to use a different email provider, or you may want to use another email provider in addition to Runbox (e.g. for business reasons). This might mean you can’t use your @runbox.com address as you don’t own the domain and can’t configure it to work as you need.

The one sure way to avoid that problem and to have maximum control and flexibility over your email services is to register your own domain.

Registering a domain – an address for life

Domains are not expensive to register and the Runbox services can work with any domain you choose to own. We offer personal support to register your domain and to help you get it up and running. You can use a domain for both email and a website, and Runbox has web hosting packages if you decide you also need a website.

Once you have your own domain, you can have an email address for life.

To find out which domains might be available for you to register, you can go to Account >> Domain Hosting in your Runbox account and use the search feature to find out if a domain you are interested in is available.

Domains cost as little as USD 14.95 per year for a .com domain, and once you have your own domain it is yours to use for as long as you like and with any email provider you like whether you are a Runbox customer or not.

Help and support

If you have any questions about registering domains, please contact us at support@nullrunbox.com or via our support website at https://support.runbox.com

Continue Reading →

Know where your email is, wherever you are!

When you access web pages and other services such as email a whole range of things go on in the background to ensure that your request for a web page or accessing your email is achieved no matter where you are in the World, or which Internet Service Provider (ISP) you are using at the time. As part of that process, the companies that provide these services can do some useful things to ensure that your access is as fast and as reliable as possible.

Edge services

One thing service providers can do is make use of edge services that move data and processing closer to the location of the device you are using. This will mean that when you access the service the route that the data takes is shorter geographically, and that a central data centre is not having to handle all the network traffic and processing. This reduces the time it takes from when you perform some action on your device to when you get the response from the service. This is often referred to as latency.

As more and more devices become connected to the Internet, and 5G mobile services are rolled out fast responsiveness will become increasingly important for providing a good experience.

Runbox and edge services

Despite all the benefits of edge services and why they are used, we are pleased to say that Runbox doesn’t use any of them – and for good reason.

We understand that privacy and knowing who looks after you data is important to you as a Runbox customer, and to that end we are happy to say that we can offer you the confidence of knowing where your email is stored no matter where you access it from.

We only store your email on servers that are located in a data centre in Oslo, Norway. In addition to our own security features, it is protected by the highly regarded legislation of Norway which is very focused on the privacy of communications and data more generally.

All networks point to Norway

When you access your email with an email program or via our web interface data to and from your phone is routed between your location and Oslo, and the only place your data can be accessed from is the servers in Oslo.

Between you and our data centre the data can travel across many networks with your current ISP at one end and ours at the Oslo end. However, all our services encrypt your data between your device and our servers and this means the email content isn’t readable as it passes through the ISPs that provide your connection to us.

We believe that rather than distributing your data to data centres around the World, it is important for it to be treated as a valuable commodity and give it location specific protection. This means all access to your data is in accordance with Norwegian law.

Internet routing

Runbox doesn’t control the entire route of your data to our servers, and the further from Oslo you are the less influence our choice of ISPs has on the route your data takes.

The geographical distance between you and our servers can make a difference to how responsive our servers appear to be. This is because of the number of ISPs and routers involved in the network between you and us, as well as the quality and speed of the service those ISPs provide.

Usually this doesn’t cause any significant issues and we have happy customers in 170 countries including Australia and New Zealand, which is about a far as you can get from Oslo. However, sometimes it can cause an issue and we can help customers try to deal with this if they contact us.

Speeding up your email access

While we are pleased to offer the certainty of knowing where you data is stored, we are also keen to make sure that you have a good experience using Runbox.

Using an email program like Thunderbird, Outlook or Apple Mail and therefore having your mail stored on your device can improve access to your messages. Doing this means that instead of having to download details for all of your messages each time you access your account, mail that has already been downloaded to your device is already there and only new messages need to be fetched from the server.

Using an email program is a great idea for many reasons and not just because it helps solve potential network issues, but also because of the ability to manage more than one email account in the same interface, use the local search capabilities of the email program and access previous messages when you don’t have an Internet connection.

And now we can speed up your web access too

Recently we’ve introduced local storage to the Runbox webmail in the form of the Runbox 7 web app. When you log in to the new interface you will be given the choice to download an index of all your messages that will be stored in your web browser. This index will remain there and be updated as new mail arrives until you decide to delete it. We also pre-load the content of the messages that are shown in your message list so that when you open the message the content is already on your device ready to be shown to you. This makes Runbox 7 a very fast webmail client with excellent search capabilities.

Know where your email is, wherever you are

So not only do you have the peace of mind knowing where your email is stored when it arrives in your account, but you also have the option to store it securely on your own personal devices for even greater performance.

This means you don’t need to worry about what edge services are doing with your data, because with Runbox you know where your email is, wherever you are!

Continue Reading →

Profiles, Identities, Privacy or just a different look!

Whether you need to run personal and business emails from the same account, or just want to have a different identity for some purposes, Runbox has always provided customisation tools that let you adapt the name and email address on your outgoing message to suit any occasion. We call these Profiles and they are based on folders.

Profiles in Runbox 6

In the original design of Runbox it was intended that where necessary you could move or automatically filter incoming message to folders for different purposes, or to help you organize your email better. Along with folders there are a set of preferences for each folder. By default new folders that are created are set to have the same preferences as your Inbox, but you can change this setting so that you can customise these preferences on a per folder basis.

By far the most commonly customised settings are the Name, From, Reply to and Signature settings. These in particular allow you to create new “Profiles” so that you can send mail as it you have more than one email account. When you are reading email in a particular folder and you reply or create a new message while that folder is selected, your preferences for that folder are automatically applied to the message you are creating.

As mentioned in a previous blog post aliases are an excellent way to keep mail separate for different purposes, and potentially help you manage any unsolicited mail. Profiles let you take this further and create a whole new identity, including a different name to go along with the alias address. Whenever you are using the Compose windows your aliases and profiles are listed in the drop-down box at the top of the window so you can easily select the one you need.

Identities in Runbox 7

One of the drawbacks of the flexibility the existing interface offers is that it can be quite time consuming setting up a alias, and then having to create a folder for a profile just so you can set up a different “from” name or signature. You might not even want to move or filter messages to a folder, but you would still need to create one if you want a different profile.

In Runbox 7 we are going to simplify and streamline this process and all aliases will automatically become part of an “Identity”. When you create an alias you will at the same time have the option to update other details attached to that alias to create a different identity, or accept the default values that will automatically be pre-filled for you.

We are also planning to eventually allow you to create a folder from the identities interface and at the same time a filter so that when you create an alias and decide to use that as an identity you can complete all the necessary steps at the same time.

In Runbox 7 these identities will replace profiles and will improve on a feature we have offered for a long time, and one that is a key feature of what Runbox offers in its email service.

For more information about Runbox 7, see some of our previous blog posts below:

We still have some open spots in the beta testing, so if you would like to participate send an email as soon as possible to support@nullrunbox.com with the subject “Runbox 7 Webmail beta test”.

Continue Reading →

Sub-addressing (plus addressing)

In the last blog post we outlined how you can use aliases to help organise you email, and also how they can help you deal with unsolicited or marketing email. Aliases offer alternative addresses for your account so that you don’t have to use the same address for everything. However, there is a quicker way to create new addresses on your account that doesn’t need you to log in to your account and set anything up. This is sub-addressing (sometimes called plus addressing or tagged addressing).

Sub-addressing has a big plus

The key to sub-addressing is including a + and some text after it (called the tag). This goes after the username and before the @ symbol.

When our mail servers see this for incoming mail it knows that everything before the + is the username and so it can still deliver to the correct account.

Even though the mail system delivers to your usual account, the message is still addressed to username+tag@nullrunbox.com and you can use this in various ways. Sub-addressing had a lot of uses and is easy to use.

  • just make up the addresses as you go along without the need to set them up in your Runbox account.
  • use a sub-address for anything where you might want to identify the place where you used your email address.
  • use a different tag for each online website you sign up for so that if one leaks your address you know which one.
  • create a filter to delete email to that particular sub-address if it starts receiving spam.
  • filter email to specific folders based on the sub-addressing.

Works with all usernames and aliases

Sub-addressing works with all the Runbox domains, with your own domain if you using one, and with aliases (e.g. alias+tag@nullrunbox.com).

Unlike aliases you can’t delete a email address in this format, because you never set it up in the first place. If you do get unwanted mail to an address in this sub-address format you can deal with it in two ways.

  • use a filter in your Runbox account to delete it or filter it to spam.
  • if it is set up on an alias delete the alias, but this means that any other sub-addresses using that alias will also stop working.

Something else you should know

Although sub-addressing is part of the official specification for email systems, not all email providers implement it. That might mean some websites will not accept an email address with a + in it, and some email services may not allow sending to addresses in that format. If you do come across problems, please let the website or email provider know that they could be supporting this useful address format. If you prefer, let us know and we will try to get in touch with them.

The good news is that most major email services (and those that like to do things properly) do use sub-addressing and this means you are not likely to come across problems very often.

If you need any help with sub-addressing please take a look at our help page about sub-addressing, or contact Runbox Support.

Continue Reading →

Using Runbox aliases

It’s been a while since we wrote about one of the most useful Runbox features — aliases!

Aliases are a great way to organise your email, and also a very useful tool in avoiding too many problems making changes if an email address starts to receive more unsolicited or spam email than it is easy to deal with.

Aliases

Aliases are alternative email addresses for your Runbox account that deliver mail to your existing Inbox, the same Inbox your main username delivers message to. You can send and receive mail using an alias and nobody other than you need know that it is an alias. You will see aliases listed in the Compose window if you are using our webmail, and if you are using an email program you can usually set them up in the account settings.

Using your aliases

Many people use aliases to separate mail to/from different groups of people, or to separate business and personal use. You can even use filters to automatically move incoming mail addressed to aliases to specific folders in your account.

When you sign up for online accounts of different kinds (e.g. online shopping, forums, finance etc.) you could use a different alias for each account. You can use more important aliases for organisations where you feel your information is more secure, and other aliases, that you might consider throwaway addresses, for less reputable websites.

Unsolicited/spam mail

You may not be able to tell if a website is reputable or not, but if you use aliases for different kinds of use and you start getting too much unsolicited email to one or more of them, the easier option might be to decide not to use a particular alias any longer and to replace it with another one.

Abandoning an address and deleting the alias is one way to make sure it can’t receive email, but if it is your only or main email address this could mean telling friends, family, work colleagues and a whole list of websites you new address. However, if the address is an alias and you only use it for a small number of websites then it is easier to justify deleting the alias as it is less effort to set up a new alias on those websites

Setting up aliases

Runbox provides all customers with 100 aliases for their account, regardless of their plan choice. Aliases can be set up and managed by going to Account >> Aliases.

Aliases are not forwarding addresses, and forwarding can be achieved using filters. However, to allow certain combinations of Runbox accounts to work together we have made it possible for aliases to deliver messages to another Runbox account other than the account they are created on.

When you delete an alias it is permanently reserved for your account, and you can always add it back to the account that it was originally set up on. That way, you can temporarily disable an alias by deleting it, and then reinstate it at a later time.

Aliases and sub-addressing

There is another way you can create additional addresses on your account, and we will be looking at that in our next blog post about sub-addressing.

If you have any questions about using aliases, please see our help page about Aliases and Profiles.

Continue Reading →

Improving Payments with Stripe

As part of an ongoing effort to modernize our payment processes, we have changed our primary card payment processor to Stripe. This will allow us to offer a more streamlined and modern payment experience for customers.

In addition to accepting cards issued via Visa and MasterCard, for the first time with Runbox you can now pay directly using American Express cards. We are also now able to to offer Apple Pay, Google Pay and Microsoft Pay as payment options.

Making this change will result in more reliable payments, and along with other changes in our payment system will give us greater flexibility in helping customers who need to change the products they have with us.

Being our main card processor will also make Stripe the primary route by which automatic renewals are processed, and other methods will gradually be phased out. We have other changes planned for the future that will simplify choosing the products you need.

If you have any questions about these changes, please contact Runbox Support.

Continue Reading →

Removing Customer IP Addresses

We are pleased to announce that we no longer include customer IP (Internet Protocol) addresses in outgoing mail headers when you are using our SMTP service. The SMTP service is what you use if you are using an email program like Outlook, Apple Mail, Thunderbird or other similar programs on a laptop, desktop or mobile device.

This brings our SMTP service in line with our webmail service where we haven’t included the customer IP address for a few years now.

Removing the IP address of your Internet connection can help improve your privacy as IP addresses can sometimes be used to identify your geographical location, and might be accurate to a particular town or city (though often they are much less accurate that this).

If you have any further questions about this please contact Runbox Support.

Continue Reading →

Vulnerabilities in PGP and S/MIME

We have been following a story that appeared recently about vulnerabilities in PGP and S/MIME that can cause a leak of the plaintext content of encrypted emails.

A technical description of the vulnerabilities can be found at https://efail.de/

There are a number of possible mitigations for the vulnerabilities, and they vary in how much they might impact your use of encryption. As we have help pages about how to use encryption with email, we felt we should let you know about these particular vulnerabilities.

Continue Reading →