Service Alert: Outbound SMTP Server – Some Bounces

We’ve been working on an SSL issue with one of our outbound SMTP servers. During the process of running an upgrade, a few messages were bounced when they shouldn’t have been. If you have experienced this or your customers have reported the problem, please simply retry and they should go through fine. Apologies for any inconvenience caused.

Service Alert: Zimbra Server Upgrades

Starting on Mon 13th Feb, we will begin a series of Operating System upgrades to our Zimbra servers to onto the latest version of Linux in preparation for upgrading Zimbra to the latest version (8.7.1), the upgrades for which will follow a couple of weeks later.

This will, unfortunately, involve some downtime for each server and is not without its risks.

We anticipate that each server will be down for a period of up to 2 hours, but hoping to keep it to 30 minutes.

The planned schedule is as follows: Mon 13th 22:00 – zimbra004 Wed 15th 22:00 – zimbra003 Thu 16th 22:00 – zimbra002 As part of this work, we will be removing support for some weak or obsolete SSL ciphers to improve security levels.

This could affect some users still running old web browsers.

Please accept our apologies for any inconvenience caused by this.

Using MessageBunker with Gmail

Gmail archiving

A requirement of MessageBunker that we store the user’s credentials, encrypted of course, so that we can access their mailbox for archiving. Wherever possible, we look for alternative solutions that allow for improved security and privacy. Gmail offers one such solution.

MessageBunker can be granted a token by Gmail with the end-user’s permission, that needs refreshing hourly. This token can be used to log in. The process is known as ‘oAuth’ as is fairly common on the web, but this is the only implementation for IMAP that we are aware of.

When a user creates a new archive on MessageBunker, we send them to Google to give us permission to access their Gmail. We then get a confirmation back and a token we can use to log in.

The user does not need to reveal their password and can revoke our access to their Gmail account at any time, without the need to change their password, or alter any other systems that are accessing the account.