DDoS Attacks on Runbox

Yesterday and today Runbox was subject to Distributed Denial of Service (DDoS) attacks. This was initiated by a group that have threatened that if Runbox does not pay them a large amount of money, further attacks will take place in the coming days.

We were able to successfully mitigate against the effects of both incidents. During the initial attack we were down for around 15 minutes before we could put a solution in place. Today our customers should not have noticed any effects of the attack.

We think the attacks might be scaled up in the coming days.

(more…)

Continue Reading →

SPF Record Change

After careful consideration we have decided to adopt a stricter policy with regards to SPF (Sender Policy Framework) records for our own Runbox domains.

Note: This does not affect domains owned by our customers.

What are SPF records?

SPF records are used as a way to determine if email addresses are being spoofed in sent mail. They allow domain administrators (Runbox in this case) to specify which servers are allowed to send email for the domains they control.

(more…)

Continue Reading →

Runbox is running faster

After doing some tuning to our central database yesterday we have been able to increase the speed of all our email services significantly.

This is especially noticeable when using the Webmail, but email clients using IMAP and POP should also be faster.

This was made possible because Runbox is a database accelerated email system, where all basic message data is stored in a central database. This means that our various services don’t have to open any actual files on the storage units to display folder contents. Only when a message is opened do the services access the message files themselves.

We’d be interested in hearing if Runbox is running faster for you. Meanwhile we’ll continue working to improve the performance of our services!

Continue Reading →

New IMAP Server Software

We are pleased to announce the official launch of our new IMAP server software.

We’ve been extensively testing and improving the new Dovecot-based software in an open beta phase for several months. We are now very happy with how it’s performing, and it resolves several issues with our current IMAP software (see below).

We will therefore be moving to the new software and will retire our existing Courier-based IMAP servers. Since the new software uses a more standardized configuration, all IMAP users will need to change their settings by December 1, 2015.

Note: If you have already changed your email client’s settings as part of the open beta phase you don’t need to do anything.

(more…)

Continue Reading →

New IMAP Server Software in Open Beta Test

We are pleased to announce the start of the Open Beta Testing Phase of our new Dovecot IMAP servers.

We are introducing new IMAP servers to resolve errors that have been experienced by many customers, to simplify the set up in email clients and to improve IMAP performance.

We expect that customers using Apple Mail (OS X) and the native Mail app (iOS) on iPhones and iPads will see the most benefit from our new servers, but performance and reliability will be improved for all customers.

Problems we believe will be resolved are:

  • Read/Unread synchronisation issues
  • Moving messages from one folder to another resulted in a copy in the new and old locations
  • Error messages of the kind “Cannot connect to server”
  • With iOS the native Mail app would fail to update and would continue to show a date in the past

At some future date the current servers will be retired, and all customers will need to use the new IMAP servers.

If you would like to switch to the new servers now, and take part in our Beta testing phase, please see the information on the Open Beta Phase page (the previous link now directs to the official launch details). Please note that although the software is already thoroughly tested and performing well, changes and disruptions may occur as we continue improving it.

If you have any questions about these changes, please contact Runbox Support.

 

Continue Reading →

Terms of Service and Privacy Policy updates

On July 1st, 2015 Runbox will introduce updated Terms of Service and a more detailed Privacy Policy.

We strongly recommend that you review the documents as they comprise the contract between you and Runbox. They also form the backbone of legal protection of your data, anchored in strong Norwegian privacy regulations.

We have worked hard to make the documents clear, balanced, and easy to understand, and we think you will agree upon reviewing them.

Please note that the changes apply to all current and future Runbox accounts, and that by continuing to use Runbox you in effect accept the updated terms and policies.

(more…)

Continue Reading →

Domains and Privacy

From time to time we get asked why Runbox uses runbox.com as our primary email domain rather than our runbox.no domain.

The reason we are asked this is because some people assume that by using a .com domain all the Internet traffic to and from our servers is routed via the Unites States, and could be subject to US government eavesdropping.

(more…)

Continue Reading →

Outlook for iOS – Privacy Issues

Email Apps and Privacy

Back in May 2014 we reported on our investigations in to two smartphone/tablet apps that had been launched. We were worried to find that the apps did not use our outgoing SMTP servers directly, and instead sent email through non-Runbox servers. This made for much easier set up of accounts, but we didn’t like that it wasn’t obvious to the user what was going on.

Those apps were myMail and Evomail (the later is no longer available).

Outlook and Privacy

Outlook now has IMAP compatibility and is able to work with Runbox accounts, however, like myMail and Evomail it doesn’t connect directly to the Runbox SMTP servers for outgoing mail. In fact, we don’t know if it retrieves email directly from our servers either. We do know that it stores some details of your account on servers that are part of Amazon Web Services.

If this doesn’t bother you, then that’s fine as Outlook is turning in to a nice email app that sits nicely alongside the other Microsoft offerings for iOS and Android.

Using Email Apps that Connect Directly to the Runbox Service

We believe that for maximum security and privacy email apps should be connecting directly to the Runbox service and not connecting via other servers, or storing account details anywhere other than in the app on the device.

Usually if you have to enter the server details for incoming and outgoing mail then the app is likely to connect to those services directly. If you have any doubts about an app, please get in touch with Runbox Support and we will investigate how it behaves.

Continue Reading →