We’ve recently moved some of our Webmail services to a new virtual server, which we will now upgrade.
For a few minutes, www.runbox.com, secure.runbox.com, and mobile.runbox.com will be inaccessible.
We will upgrade our application servers with more memory and our services will be unavailable while we replace the RAM.
The upgrade will be done Tuesday June 26 at approximately 7:30 AM CET (5:30 AM GMT, 1:30 AM EST) and it will take 30-60 minutes to complete.
We apologize for any inconvenience caused and thank you for your understanding.
For those of our customers who pay for their Runbox subscriptions via bank wire transfer (SWIFT), please note that our bank account number has changed from 7023… to 1503…
To pay via bank wire transfer and to ensure that your payment is sent to Runbox Solutions AS, please select “Pay with other methods” after choosing which products to renew in the payment process. You will then be instructed to pay to the correct bank account number.
If you have any questions, please contact us via https://support.runbox.com.
We have been hard at work behind the scenes for a while on both hardware and software upgrades of the Runbox email services.
Here’s a summary of what we’re currently working on:
New backup system
Last week we added a new backup system with advanced ZFS storage which triples our backup capacity. Not only does this allow us to store backup for much longer than the current one month, but the backup server is powerful enough to act as production storage in the unlikely event that the main storage systems go down.
New MX servers
We have recently added a new MX (mail exchanger) server as the first step in replacing all of our 3 MX servers. The new server is the first of 3 or 4 virtualized servers and is part of a new configuration regime that lets us roll out new servers much easier than before.
New database servers
Additionally we’re planning to replace the main database server with two new and much more powerful ones. This will not only improve performance of nearly all parts of the Runbox email service but make it much more reliable. We hope to have this completed within 2-3 months.
Other planned server upgrades
We’re also going to start replacing several other units with new, virtualized servers which will make our services much more manageable, flexible, and efficient. We expect these upgrades to be completed with 5-6 months.
Runbox 6
Meanwhile, we’re working on the next generation of the Runbox Webmail. Initially this will mostly be a compatibility upgrade as the entire Runbox web application has been rewritten to work with Mod_Perl2 / Apache 2. Runbox 6 will have a couple of new features such as message tagging and improved sub-account management, but will more importantly lay the foundation for further enhancements in the time to come.
More information about all these upgrades will be posted in the near future!
Most people feel that choosing a password is a hassle and consequently spend far too little time on it. However, establishing a good password regime can save you lots of time in the long run and lots of grief by preventing attacks by criminals — and it can even be fun!
How to easily create a great password
Just try to think of a password system that will help you create secure passwords that you can also remember easily. One simple example is to pick the first (or second, third, etc) letter in a sentence you invent. Then substitute some of them for symbols or add some numbers and special characters.
For instance, the sentence:
- I really think that creating and remembering a complex password is a hassle!
- …becomes Irttcaracpiah! when selecting the first letter of each word…
- …which after replacing some of the letters with numbers or symbols ends up as the virtually unguessable Ir++c&racp1ah! (don’t use this password as your own!).
To make the password unique for each service you use, preventing a potential intruder from breaking into more than one account, add words or letters that are associated with each service.
Just think of a sentence and get creative — you can even use full sentences up to 64 characters if you want!
Password selection rules
In general, try to do the following when choosing a password:
- Avoid using dictionary words and names.
- Never use sequences of letters or numbers such as “qwerty” or “123456”.
- Avoid familiar items that someone might guess (names, phone numbers, etc).
- Use a combination of letters, numbers, and special characters.
- Use 8 or more characters.
See also:
- More tips on passwords and password systems.
- If you want to generate random passwords, you can use this tool: Secure Password Generator
Protect your password
Once you have chosen a good password you need to protect it from possible attackers.
- Avoid using one password for all your logins!
- Try to choose a password you can memorize so you won’t have to write it down.
- Never share your password with anyone.
- Avoid logging in from public computers. If you do, then always use https://secure.runbox.com which provides encrypted transfer of all your data.
- Check the Account page for any suspicious login attempts to your account.
- Be careful opening email attachments from people you don’t know or trust — it might contain a computer virus, a key logger that will snatch your login information, or other malevolent programs.
During the recent days we have detected and neutralized a number of phishing attempts.
The most recent phishing attack is falsified to appear sent from soc@nullus-cert.gov and has a subject starting with Phishing incident report call number.
The message contains an attachment with a name similar to US-CERT Operations Center Report 6458549.zip.
If you receive such a message, please delete or disregard it.
In general, be careful when opening attachments or links in messages from senders you don’t trust.
Also, please remember that Runbox will never ask for your login details, especially not by email. See this page for more information about phishing:
If you have any questions or concerns, please don’t hesitate to contact us.
The Runbox website is now protected by an Extended Validation Certificate when in secure mode at https://secure.runbox.com. This is usually indicated by a green address bar in your browser.
This certificate independently verifies the identity of our company as the owner of the domain runbox.com, meaning that visitors can be certain the web pages they see are legitimate.
We recommend you always be aware of the domain name shown in your browser, especially after clicking links in email messages, to prevent so-called phishing.
We also recommend using secure mode (SSL) when logging on to Runbox. You can enable this in your browser by clicking the “Secure” link next to the login fields on the front page.
Earlier this year you will remember that we moved the servers that handle your email to a new data center. At the same time we partnered with a new systems management partner (Copyleft Solutions) and have spent some time since then getting used to working together and getting all the documentation and routines in order.
We have now started a maintenance phase where we will perform various behind the scenes configuration improvements and minor upgrades. This will make the systems easier to maintain, improve service snappiness and lay the foundation for future development of our services.
The maintenance phase will last approximately 2 months, and to allow for the flexibility needed during this phase we are likely to schedule minor downtimes with relatively short notice.
We will try to give at least 2 days notice on our website, and on each occasion the downtime is expected to be less than 15 minutes.
We understand that service disruption can be a problem, but will be grateful for your patience while we work to make Runbox a better and more responsive service.
Here are some pictures from the move showing our old and new Data Center, our servers, and some of our sysadmins.
All in all the process involved around 2 weeks of planning, 10 people, 3 cars, a few hundred feet of cable, 10 hours of deracking, driving, and installing, and a week cleaning up afterwards.
It’s good to know that Perdita, Pongo, Patch, Penny, Pepper, Taishi, Rambo, Takara, Tinkerbell, Chernushka, Strelka, Bars, Pink, Oscar, Fenris, Greyhound, Odie, Marmaduke, and Sirius are all running smoothly in their new pound!
We have been busy cleaning up after yesterday’s big (and long) move and want to thank everyone for your patience while we got everything running the way it should.
Currently the status is:
- Webmail, POP, IMAP, and SMTP should be working normally for all users since we located and corrected a proxy problem this afternoon (which was actually introduced before we moved and had to do with the format of distributed authentication files).
- All email that was queued during the transition has been delivered to their respective accounts.
- We have some issues with messages sent from the Webmail that we’re investigating.
- We still have some timeouts on FTP that we’re working on.
Our new sysadmin team is already hard at work making the service more reliable, and once we have all the support systems and routines in place across our organizations we will work more efficiently together.