Hardware and software upgrades

We have been hard at work behind the scenes for a while on both hardware and software upgrades of the Runbox email services.

Here’s a summary of what we’re currently working on:

New backup system

Last week we added a new backup system with advanced ZFS storage which triples our backup capacity. Not only does this allow us to store backup for much longer than the current one month, but the backup server is powerful enough to act as production storage in the unlikely event that the main storage systems go down.

New MX servers

We have recently added a new MX (mail exchanger) server as the first step in replacing all of our 3 MX servers. The new server is the first of 3 or 4 virtualized servers and is part of a new configuration regime that lets us roll out new servers much easier than before.

New database servers

Additionally we’re planning to replace the main database server with two new and much more powerful ones. This will not only improve performance of nearly all parts of the Runbox email service but make it much more reliable. We hope to have this completed within 2-3 months.

Other planned server upgrades

We’re also going to start replacing several other units with new, virtualized servers which will make our services much more manageable, flexible, and efficient. We expect these upgrades to be completed with 5-6 months.

Runbox 6

Meanwhile, we’re working on the next generation of the Runbox Webmail. Initially this will mostly be a compatibility upgrade as the entire Runbox web application has been rewritten to work with Mod_Perl2Apache 2. Runbox 6 will have a couple of new features such as message tagging and improved sub-account management, but will more importantly lay the foundation for further enhancements in the time to come.

More information about all these upgrades will be posted in the near future!

Continue Reading →

Tips for choosing and protecting passwords

Most people feel that choosing a password is a hassle and consequently spend far too little time on it. However, establishing a good password regime can save you lots of time in the long run and lots of grief by preventing attacks by criminals — and it can even be fun!

How to easily create a great password

Just try to think of a password system that will help you create secure passwords that you can also remember easily. One simple example is to pick the first (or second, third, etc) letter in a sentence you invent. Then substitute some of them for symbols or add some numbers and special characters.

For instance, the sentence:

  • I really think that creating and remembering a complex password is a hassle!
  • …becomes Irttcaracpiah! when selecting the first letter of each word…
  • …which after replacing some of the letters with numbers or symbols ends up as the virtually unguessable Ir++c&racp1ah! (don’t use this password as your own!).

To make the password unique for each service you use, preventing a potential intruder from breaking into more than one account, add words or letters that are associated with each service.

Just think of a sentence and get creative — you can even use full sentences up to 64 characters if you want!

Password selection rules

In general, try to do the following when choosing a password:

  • Avoid using dictionary words and names.
  • Never use sequences of letters or numbers such as “qwerty” or “123456”.
  • Avoid familiar items that someone might guess (names, phone numbers, etc).
  • Use a combination of letters, numbers, and special characters.
  • Use 8 or more characters.

See also:

Protect your password

Once you have chosen a good password you need to protect it from possible attackers.

  • Avoid using one password for all your logins!
  • Try to choose a password you can memorize so you won’t have to write it down.
  • Never share your password with anyone.
  • Avoid logging in from public computers. If you do, then always use https://secure.runbox.com which provides encrypted transfer of all your data.
  • Check the Account page for any suspicious login attempts to your account.
  • Be careful opening email attachments from people you don’t know or trust — it might contain a computer virus, a key logger that will snatch your login information, or other malevolent programs.

Continue Reading →

Phishing messages alert

During the recent days we have detected and neutralized a number of phishing attempts.

The most recent phishing attack is falsified to appear sent from soc@nullus-cert.gov and has a subject starting with Phishing incident report call number.

The message contains an attachment with a name similar to US-CERT Operations Center Report 6458549.zip.

If you receive such a message, please delete or disregard it.

In general, be careful when opening attachments or links in messages from senders you don’t trust.

Also, please remember that Runbox will never ask for your login details, especially not by email. See this page for more information about phishing:

What is spam, and how to avoid it

If you have any questions or concerns, please don’t hesitate to contact us.

Continue Reading →

Extended website security

The Runbox website is now protected by an Extended Validation Certificate when in secure mode at https://secure.runbox.com. This is usually indicated by a green address bar in your browser.

This certificate independently verifies the identity of our company as the owner of the domain runbox.com, meaning that visitors can be certain the web pages they see are legitimate.

We recommend you always be aware of the domain name shown in your browser, especially after clicking links in email messages, to prevent so-called phishing.

We also recommend using secure mode (SSL) when logging on to Runbox. You can enable this in your browser by clicking the “Secure” link next to the login fields on the front page.

Continue Reading →

Maintenance phase

Earlier this year you will remember that we moved the servers that handle your email to a new data center. At the same time we partnered with a new systems management partner (Copyleft Solutions) and have spent some time since then getting used to working together and getting all the documentation and routines in order.

We have now started a maintenance phase where we will perform various behind the scenes configuration improvements and minor upgrades. This will make the systems easier to maintain, improve service snappiness and lay the foundation for future development of our services.

The maintenance phase will last approximately 2 months, and to allow for the flexibility needed during this phase we are likely to schedule minor downtimes with relatively short notice.

We will try to give at least 2 days notice on our website, and on each occasion the downtime is expected to be less than 15 minutes.

We understand that service disruption can be a problem, but will be grateful for your patience while we work to make Runbox a better and more responsive service.

Continue Reading →

Pictures from the Move

Here are some pictures from the move showing our old and new Data Center, our servers, and some of our sysadmins.

All in all the process involved around 2 weeks of planning, 10 people, 3 cars, a few hundred feet of cable, 10 hours of deracking, driving, and installing, and a week cleaning up afterwards.

It’s good to know that Perdita, Pongo, Patch, Penny, Pepper, Taishi, Rambo, Takara, Tinkerbell, Chernushka, Strelka, Bars, Pink, Oscar, Fenris, Greyhound, Odie, Marmaduke, and Sirius are all running smoothly in their new pound!

Continue Reading →

Post-move status

We have been busy cleaning up after yesterday’s big (and long) move and want to thank everyone for your patience while we got everything running the way it should.

Currently the status is:

  • Webmail, POP, IMAP, and SMTP should be working normally for all users since we located and corrected a proxy problem this afternoon (which was actually introduced before we moved and had to do with the format of distributed authentication files).
  • All email that was queued during the transition has been delivered to their respective accounts.
  • We have some issues with messages sent from the Webmail that we’re investigating.
  • We still have some timeouts on FTP that we’re working on.

Our new sysadmin team is already hard at work making the service more reliable, and once we have all the support systems and routines in place across our organizations we will work more efficiently together.

Continue Reading →

Server relocation: Scheduled downtime Tuesday June 14

Server Relocation and Email Downtime – Tuesday June 14 10-14 CET (08-12 GMT / 05-09 AM EDT / 02-06 AM PDT)

We’re excited to announce that Runbox is partnering with a new server hosting and management company, Copyleft Solutions. As part of this change we will move our email server park to a new Data Center on Tuesday June 14 between approximately 10 and 14 CET.

How will this affect me?

Our email services, including Webmail, POP, IMAP, and SMTP, will be inaccessible for about 4 hours while the servers are being moved. Incoming email will normally be queued on the sending servers, but users of mailing list services such as Yahoo Groups might want to suspend those to avoid bouncing of incoming email.

The Runbox Web Hosting services will *not* be affected as they are hosted in a different location. All web sites and domains hosted with Runbox will continue to work normally.

We apologize for any inconvenience caused by the relocation.

What can I do?

We recommend that you check your email before the scheduled downtime. While we are migrating it will not be possible for you to access your email.

You will not need to change any settings in your email client. It will work normally once our servers are online again.

(For those who have been using our IP address (87.238.52.70) instead of a regular server name, please change this to 91.220.196.211.)

To get updates about the relocation and when the services will be online again, please check this page, Twitter, or http://status.runbox.net

If you have any questions, please use the Support Center at http://support.runbox.com

Why are you relocating?

Runbox is partnering with Copyleft Solutions, a Norwegian company focusing on secure hosting and open source software. Copyleft Solutions shares Runbox’ values and core principles, and we will be their preferred email provider going forward.

The partnership will strengthen both companies in the long-term as we also share many goals and interests — first and foremost to provide the best possible email services for our users.

The new Data Center

The Runbox email server park will be moved to Copyleft Solution’s data center at Digiplex. Digiplex offers state of the art facilities with secure, climate controlled environments and full power and telecom redundancy.

In the future, this move will improve the quality and responsiveness of our services, as the servers will be hosted on a higher capacity network by a company committed to further developing the platform.

Continue Reading →

Domain registration launched

We’re very happy to announce that Runbox now offers integrated domain registration!

This means that you can host both your domain name, your website, and your email in one place with the same user-friendly interface.

Just open Account: Domain Hosting Administration to get started with a new domain name!

Currently we only support the main top level domains .com, .net, and .org, but plan to add more soon. We also plan to support transfers of domains from/to other providers.

To find out more about how Runbox Domain Hosting works, please see our Help section.

Continue Reading →