Singapore proxy server discontinued

Some years ago, when connectivity within the pacific region was less reliable, we added a small proxy server in Singapore which forwarded sessions down a VPN connection to our datacentre in New York.

The world has moved on, and this service is barely used. Reading the logs it’s almost all search engines scanning our help pages, which is just going to direct people to the slow proxy copies rather than the originals.

So as of today, the sg.* hostnames point directly to our main New York addresses, and the Singapore proxy will be shut down.

Posted in News. Comments Off on Singapore proxy server discontinued

All reject rules now silent discards, vacation reply requires spam protection

One of the original design problems with email is that none of the email addresses in an email are certified or guaranteed in any way (when it was designed, the Internet wasn’t full of spammers and other hostile parties like it is now).

This flaw allows spammers to put any email addresses they want in any part of an email message. There are systems that attempt to limit this problem (like SPF), but these only help mitigate the issue.

One significant problem this ability to forge email addresses causes is something called "backscatter". Backscatter occurs when a spam email with a forged from address is sent to a system and that system then generates another message in response and sends it back to the forged from address. The most commonly auto-generated response messages by systems are non-delivery notifications (bounce messages) or auto-replies (vacation responses).

In that case the response message goes to some random address the spammer made up, which might be a mailbox at any system, including a spamtrap address that can affect the reputation of our sending IP addresses.

While FastMail has systems in place to try and detect these backscatter messages from other systems and file them into Junk Mail, it’s still possible for FastMail to be a source of these backscatter messages as well, which as noted above can affect the reputation of our sending IP addresses.

To reduce the chance of FastMail being a source of backscatter, we’ve now made two changes.

  1. Until now, the rules to reject/discard messages on the Options –> Define Rules screen were labelled under "Reject emails". There was a separate "Silent" checkbox which controlled whether the email was silently discarded or whether a reject/bounce message was sent back to the sender of the message.

    When FastMail first started 10 years ago, the default was to always reject emails, that is, generate a bounce message. Several years ago, we changed it so the Silent checkbox was checked by default, meaning that silently discarding emails was the default behaviour.

    We’ve now completely removed the Silent checkbox and renamed the section "Discarding emails" as silent discard is now the only option. This will completely eliminate bounces generated by user filtering rules.

  2. Until now, you could setup a vacation auto-response on the Options –> Define Rules screen under the Forward tab at any time.

    We’ve now changed this so that if you want to enable a vacation response message, you must enable at least Normal level spam protection on your account. This will ensure that in the vast majority of cases, we never send a vacation reply to any spam messages.

For users with existing reject rules, those rules have now all been changed to silent discard rules.

For users with existing vacation reply settings enabled, the vacation reply has been disabled if the user does not have Normal level or higher spam protection enabled. Unfortunately this means for Guest & Member accounts, you cannot re-enable vacation replies until you upgrade your account to at least Ad Free as Guest & Member accounts do not support anything but Basic level spam protection.

We’re sorry for any inconvenience these changes cause, but they are required to protect the reputation of our outgoing IP addresses, which is required to allow all users to send email with high reliability.

Posted in News. Comments Off on All reject rules now silent discards, vacation reply requires spam protection

Changing password or disabling IMAP/POP logins now closes any existing IMAP/POP connections

We’ve just made a change today so that if you go to the Options –> Account Preferences screen and change your password, or disable IMAP or POP logins, then we will immediately close any existing open IMAP or POP connections.

This security enhancement is particularly useful if you have a mobile device that is lost or stolen. By changing your password via the web interface on another device/computer, you will immediately force any existing IMAP/POP connections to be logged out and prevent any further logins from that device because the password will no longer be correct.

We also plan in the future to allow expiring web sessions from other machines as well. We’ll announce on this blog when that feature is ready.

Posted in News. Comments Off on Changing password or disabling IMAP/POP logins now closes any existing IMAP/POP connections

Get every new post delivered to your Inbox.

Join 6,875 other followers

%d bloggers like this: