Runbox Two-Factor Authentication

Runbox recently launched Two-Factor Authentication (2FA). 2FA is a log in procedure where an additional piece of information is required in addition to your username and account password.

This additional factor is a code that can only be used once, or for a limited period of time.

Two-Factor Authentication
Runbox Two-Factor Authentication

Runbox 2FA currently supports Timed One-Time Passwords (TOTP) and One-Time Passwords (OTP) as additional factors. We are planning to expand this with Yubikey or U2F support.

Runbox is the only 2FA-enabled email provider in Norway

NorwayRunbox is located in Norway, which has some of the strongest privacy regulations in the world.

By choosing Runbox as your email provider, your data will be protected by these regulations while ensuring your email is secure from unauthorized access.

Read on to find out how Runbox 2FA works and which options are available.


Timed One-Time Passwords (TOTP)

2FA Timed One-Time Passwords
2FA Timed One-Time Passwords

To use this option you will need a smartphone and some free software.

Timed one-time passwords works by giving you a login code which changes over time, in addition to your password.

To get started, download a TOTP app such as Authy, FreeOTP or Google Authenticator onto your mobile phone and follow their instructions.

Note: It is essential that your smartphone has the correct date/time set as this is used by the TOTP app to generate the correct codes that allow you to log in.


One-Time Passwords (OTP)

2FA One-Time Passwords
2FA One-Time Passwords

When you enable this option, the system will generate random passwords that you can use only once. Used passwords are discarded automatically and cannot be used again.

You can download the the list of passwords to a computer or mobile device, or you can print them out if necessary. However, you must keep the list secure as these passwords can be used to access your account along with your usual username and account password.



Trusted browsers

2FA Trusted Browsers
2FA Trusted Browsers

This option allows the server to trust your current web browser so that you don’t have to use a 2FA code. The option places a small piece of code in your browser (a cookie) that tells the server not to require the 2FA details and you can just log in with username and password.

You should only use this method of bypassing 2FA on a computer or device that you are confident nobody else can log in to. You can temporarily turn on/off individual browsers from the trusted list, or you can delete the browser entry entirely which will force that browser to require the 2FA details.


Unlock code

2FA Unlock Code
2FA Unlock Code

If for some reason you are unable to log in with 2FA after it has been enabled, this code can be used to disable 2FA.

The code can be used in conjunction with a secure question/answer for additional security.



Continue Reading →

Spam filter training via IMAP

You can now train your Runbox spam filter using IMAP. Simply use your email program/app to move messages to your Spam folder to report them as spam, and move them from Spam to any other folder to report them as not spam.

IMAP training works for both the Dspam and the Cloudmark filters, the latter of which is in an open beta test. To join the beta test, just go to Manager > Filter and turn it on.

Continue Reading →

How To Use Email Securely

Much has been said and written in the media recently regarding email, and here at Runbox we’d like to take the opportunity to help make it all a bit more understandable.

What is email, anyway?

Email, or electronic mail, is the most common method of exchanging digital messages.

It is easily the most flexible online messaging service available, because it lets users send and receive unlimited text, multimedia, and other files to anyone with an email address anywhere in the world.

Email was invented in the 1960s and is still one of the most popular services currently available via the Internet, with over 90% of US Internet users actively using email.

How does email work?

Email systems consist of computers and devices that are connected via the Internet. These computers and devices can be servers that process and store electronic mail, or clients such as laptops and smartphones that are used to send and receive email.

Email clients and server Email clients connected to a server

When someone sends an email, the message is transferred from his or her device to a server that processes the message.

Based on the recipient email address, the server finds out where to send the message next.

This is usually to another server associated with the recipient’s address, and often via a number of other servers that act as dispatchers.

There are many different types of email software that can send, receive, and store email. If you use a computer or a smartphone, you might be familiar with software such as Outlook, Apple Mail, or Thunderbird.

Where is my email actually stored?

Because the volume of email is so large, email clients typically let servers store all the email that is received and sent and only download messages when they are opened.

This is very convenient because the server can then do resource intensive things like filtering out spam and viruses, and other kinds of sorting and processing.

Another important reason for keeping emails stored on a server is that it lets more than one client access the same messages.

For instance, you can set up your laptop, your tablet, and your smartphone to access all the email that is stored in your account on the server. You can also use a webmail in your web browser, which essentially works as an email client.

This means that your email will be synchronized across all your devices, without you having to do anything manually.

You can read more about how this works in our Help article Using an Email Client with IMAP.

How can I be sure that no one else can access my email?

When you sign up for an email account, you select a username and a password that only you know. This ensures that only you can access the email that is stored in your account on the server.

As you can imagine, it is important that you choose a strong password to make sure that no one else can guess it. It’s also important to be aware of scams that may try to trick you into revealing information that could let someone gain access to your account.

End-To-End Encryption
End-To-End Encryption

However, to be certain no one can read your email even if they were to gain access to it, you can use encryption.

Email encryption can protect your messages all the way from your device to the recipient’s, by encoding them in such a way that it’s virtually impossible for someone unauthorized to unscramble them.

You can read more about this in our Blog post Email Encryption with Runbox and our Help article Encrypting Your Runbox Email.

We hope this article helped clarify what email is, how it works, and how to use it securely. For a more in-depth article, please see How Email Works.

Continue Reading →

New IMAP Service Migration

There are two main ways that people access their Runbox email. The first is our webmail service available on our website, and the other is via some kind of email program that might be on a computer, laptop, smartphone or tablet. If you use an email program, you will be using either our IMAP or POP service to download your incoming mail. IMAP and POP are ways in which email programs communicate with our servers to collect your mail.

We officially launched our new Dovecot IMAP service on in August, and we have been pleased with the number of customers who are moving across to this better IMAP service.

However, feedback we’ve received shows that some customers would like more time to make the switch. Therefore we are going to keep the old Courier-based IMAP service running for the time being, and will decide upon on a new retirement date in the future.

Why should I switch to the new IMAP service?

The new IMAP service provides a faster and more reliable way of accessing your mail, and also fixes a number of issues that were reported with some email apps when using the old service.

Because we need to focus increasingly on the new service, starting in January 2016 we will recommend you switch to the new service instead of providing technical support for the old IMAP service. We will of course help you switch to the new service whenever you choose to do so.

NOTE: If you are using POP you don’t need to do anything. If you’re not sure whether you’re using IMAP or POP, please contact Runbox Support.

How do I make the switch?

Setting up your account as a fresh set up usually works best, but if you just wish to change your settings without setting up your account from the start, then we have instructions for our recommended email clients that show you how to do this.

The documentation for our recommended email programs was updated a while ago to show the new server details. If you are using IMAP and keep all of your mail on our servers, you can set up your account again from the start using the details in those instructions.

If you have any questions regarding switching to the new IMAP service, please contact Runbox Support.

Continue Reading →

New IMAP Server Software

We are pleased to announce the official launch of our new IMAP server software.

We’ve been extensively testing and improving the new Dovecot-based software in an open beta phase for several months. We are now very happy with how it’s performing, and it resolves several issues with our current IMAP software (see below).

We will therefore be moving to the new software and will retire our existing Courier-based IMAP servers. Since the new software uses a more standardized configuration, all IMAP users will need to change their settings by December 1, 2015.

Note: If you have already changed your email client’s settings as part of the open beta phase you don’t need to do anything.


Continue Reading →

New IMAP servers deployed with Perfect Forward Secrecy

Our new IMAP servers were successfully deployed today after upgrading the new ZFS based storage, which resolved an error that had previously caused problems. The technical details of this error can be found in the official bug report from the operating system distributor.

The combination of new, powerful IMAP servers and a modern, ZFS based SAN (Storage Area Network) should significantly improve IMAP performance in the coming days and weeks as we move email accounts to the new storage unit.

Perfect Forward Secrecy support for IMAP

Additionally, the new IMAP servers support Perfect Forward Secrecy on SSL (encrypted) connections, which prevents an unlikely eavesdropper to decrypt the communication between client and server.

You do not have to change anything in your email client to enjoy these new technologies, but do let us know if you experience any problems.

Continue Reading →

[Resolved] Transition to new servers and storage

Runbox has seen a tremendous growth in our user base over the past months following the NSA revelations in the press. As a consequence of this we started executing our plans in January to acquire and install new and powerful virtualization servers and storage units.

Moving to the new servers

After substantial preparation of our server infrastructure we started moving data to the new ZFS based storage servers this week. The new storage servers are substantially faster, more reliable, and adds a lot more capacity than the current ones, and this process is moving forward steadily.

We are also deploying new, IMAP servers as an intermediate step towards completely replacing our  application server infrastructure. The IMAP servers we are currently deploying will improve IMAP performance while we complete the process of installing new, physical application servers that will replace both our current IMAP, POP, and web servers.

Some bumps in the road…

Some of our POP users started experiencing connection problems after being moved to the new storage servers. These users have now been moved back to the old storage servers until we resolve these problems. Update 13:00 CET 27.03.2014: This has probably been solved and we are waiting for feedback from everyone that was affected previously.

Additionally, the interaction between new storage, old storage and the new IMAP servers did not work exactly as predicted, so we rolled back the changes on Wednesday. We had done extensive testing over a long period of time before we deployed this solution, but with some differences (NIC, OS versions) We have now done further testing and will attempt deployment again shortly .

What we’re doing to resolve the problems

We have reviewed the process thus far in detail and uncovered the likely cause of the problems between the new and old servers. We are making the required system changes to ensure a smooth transition next time.

We would like to apologize to those of you who have experienced connection problems with Runbox recently with IMAP and POP, and assure you that we, along with our team of system administrators, will work to resolve these problems over the next few days so that we can provide fast and reliable services to everyone who cares about online privacy, security and sustainable services.

Update 01.04.2014:

We have gathered and analyzed data from the previous attempt at deploying the new servers and will make another attempt Wednesday (02.04.2014) morning CET, this time using a new set of virtualized servers. We will test new combinations of hardware and software between 8-10 AM CET until we have found the configuration that performs best. Meanwhile we have adjusted the configurations of the current IMAP servers to allow more concurrent connections and stop the connection errors some of our customers have seen throughout the day.

Update 03.04.2014: 

Generally IMAP should now operate normally. Between 9 and 11 AM CET when we carry out configuration work with the new IMAP servers some users may experience intermittent connection problems. This work will ensure that the new servers perform at their optimum reliability when we complete their configuration.

The new IMAP servers have performed perfectly during our test phase while emulating a large number of users, but something causes them to slow down when communicating with the new ZFS based storage units. We are working systematically to eliminate the causes and are excited about offering this superior storage technology to all our customers.

Update 08.04.2014:

After several days of testing we have narrowed down the problem to the new ZFS based storage units; not the IMAP servers as was indicated earlier. There are two main issues we are looking at and we expect to have a permanently deployed solution after a couple more days of work.

We plan to do the work outside of European and US business hours to avoid service disruptions for as many customers as possible. We are also looking at contingency plans in case this does not turn out as expected.

If you experience connection errors with Runbox IMAP, please contact Support as the symptoms can vary from account to account. We can then take steps to improve the situation for your account specifically.

Update 11.04.2014:

We have confirmed that the problem with the new ZFS storage was related to deadlocks in certain NFS threads in its operating system. A patch for this error was recently released, and after applying this upgrade the server has been operating perfectly for a full working day.

We therefore believe the problem to be resolved. We will continue to monitor its performance closely over the next few days.

The plan is then to continue moving user accounts to the new ZFS storage and our new IMAP servers, which is likely to improve IMAP performance for all our customers.

Continue Reading →

How To Use Email Like a Pro 2: Use a Smartphone

In today’s world of constant communication, being able to pick up your email on the go lets you stay in touch with your workplace, family, and friends regardless of where you are.

Stay connected, stay efficient

Not only does this let you stay connected in case an important message is sent to you while you’re on the road, but perhaps equally important: You can spend idle time, for instance at an airport or on a train, to stay ahead of your email communication and avoid getting a backlog which you’ll have to process once you get to a computer.

Using a Smartphone with IMAP

With a Smartphone, for instance an Apple iPhone, checking your Runbox email on the go becomes a pure pleasure. If you set up your phone to use Runbox via IMAP, you will stay completely synchronized with the server and any other computers that are configured in the same way. You can find detailed instructions on how to set up Runbox on an iPhone in our Help section.

Be aware of disruptions

Since you can connect to Runbox in a multitude of ways and from virtually any location anywhere in the world, it’s important to be aware of how to manage your communication as efficiently as possible. For instance, it can be helpful to check email regularly and at certain times to avoid it disrupting work and life too much. More on this in later posts!


Continue Reading →

How To Use Email Like a Pro 1: Use Webmail (and IMAP)

Use Webmail

With Runbox, all your email is stored securely on our servers and is accessible to you wherever you might be located, regardless of the computer or device you happen to be using.

The easiest and most direct access method is the Runbox Webmail, which immediately provides a complete overview of the folders and messages in your account.

Webmail is easily the fastest method too, because Runbox is a database accelerated system. On the servers, all the key information about each message (sender, subject, date/time, etc) is stored in a database. The Runbox Webmail just has to poll the database instead of checking the content of each message to display the message overview in a folder, which is what IMAP and POP would have to do.

Use IMAP instead of POP

If you want to download email to your computer, mobile phone, or tablet, consider using IMAP (Internet Message Access Protocol) instead of POP. IMAP allows your email client to stay completely synchronized with all your folders on the server while also downloading messages locally.

IMAP not only synchronizes the messages themselves, but also the read/unread status and flags of each message. It will even copy messages you send from your device to the server’s Sent folder.

POP (Post Office Protocol), on the other hand, can only download from one folder (usually the Inbox) at a time, and can be set to delete the messages from the server so that they can’t be accessed from another device.

Stay synchronized with Webmail + IMAP

The combination of Webmail and IMAP is ideal if you use more than one computer or device, if you’re traveling, and if you’d like to stay connected wherever you may be.

You’ll never have to be without your email again!

Continue Reading →

IMAP improvements

We are currently tweaking the IMAP configuration on our servers to allow more concurrent logins, which should improve responsiveness for email clients such as Thunderbird, Apple Mail, Outlook, and smart phones.

We appreciate feedback on how we are doing!

Continue Reading →