|
Runbox Forum Everything related to Runbox should go here: suggestions, comments, complaints, questions, technical issues, etc. |
|
Thread Tools |
5 Nov 2015, 03:33 AM | #1 |
Cornerstone of the Community
Join Date: Nov 2008
Location: UK
Posts: 549
Representative of:
Runbox.com |
Runbox under DDoS Attack
We had a DDoS (Distributed Denial of Service) attack on our email services today, preventing some users from accessing our servers for a short time.
Together with our server management and hosting partners we mitigated the attack. There might be more attacks in the coming days, so please check our blog, support page or Twitter page for updates if you can’t access our email services. |
5 Nov 2015, 04:53 AM | #2 |
The "e" in e-mail
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,616
|
Looking at EMD Favorites on Twitter today, it's showing DDoS attacks not only on Runbox, but also Proton Mail and VFEmail.
MXroute also having problems with SPAM outbreak. Coincidence, or? |
5 Nov 2015, 11:10 AM | #3 |
Member
Join Date: Feb 2009
Posts: 31
|
Blog post from owner of VFEmail on DDoS
|
5 Nov 2015, 03:16 PM | #4 |
The "e" in e-mail
Join Date: Sep 2005
Location: Macao
Posts: 2,163
Representative of:
tls-mail.com |
My biz service meets DDOS attack almost every day.
|
5 Nov 2015, 04:20 PM | #5 |
Ultimate Contributor
Join Date: Dec 2001
Location: Canada.
Posts: 10,355
|
As a customer of many different email services (over the years) I expect the company I am using to just deal with these. DDOS attacks are not anything that is new.... Because of that (oft-times) I usually prefer to just pick up the phone. It is truly sad that after (approx) twenty five years, email is still in the same abysmal state as it was when it was first invented.
Last edited by David : 6 Nov 2015 at 01:40 AM. |
5 Nov 2015, 11:35 PM | #6 | |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,945
|
Quote:
That's enough nostalgia, time to update my antivirus software :-) |
|
6 Nov 2015, 07:17 AM | #7 |
The "e" in e-mail
Join Date: Sep 2004
Location: The Netherlands
Posts: 2,908
|
What's going on? Runbox, VFEmail, Protonmail! Who's next?
|
6 Nov 2015, 08:12 AM | #8 |
Cornerstone of the Community
Join Date: Nov 2008
Location: UK
Posts: 549
Representative of:
Runbox.com |
Update
We have now published a further update on the situation with Runbox.
https://blog.runbox.com/2015/11/ddos-attacks-on-runbox/ |
6 Nov 2015, 05:17 PM | #9 |
Essential Contributor
Join Date: Oct 2013
Posts: 413
|
|
7 Nov 2015, 03:17 AM | #10 |
The "e" in e-mail
Join Date: Nov 2005
Location: San Francisco
Posts: 2,281
|
Runbox: continue to do your best to mitigate the attacks, technically -- and without coins or $.
|
7 Nov 2015, 06:20 AM | #11 |
The "e" in e-mail
Join Date: Sep 2004
Location: The Netherlands
Posts: 2,908
|
Runbox was under a new DDoS attack on Friday.
|
7 Nov 2015, 07:29 AM | #12 |
The "e" in e-mail
Join Date: Sep 2001
Location: Oslo, Norway
Posts: 2,938
Representative of:
Runbox.com |
Thanks for the support!
We continue to post updates here: https://blog.runbox.com/2015/11/ddos-attacks-on-runbox/ - Geir |
7 Nov 2015, 01:48 PM | #13 |
Junior Member
Join Date: Oct 2015
Location: Vancouver Island, Canada
Posts: 19
|
My most important email accounts have secondary MX records pointing to Google Apps (my former email provider), so when my emails are blocked at Runbox by DDoS attacks, at least I can get the incoming messages over at my Gmail accounts.
This makes me wonder... could Runbox get creative and have their own secondary MX routes that are not as obvious to direct attack? Or so many paths that it's unrealistic for hackers to try and take down them all? If anything, it would spread the attack thinner, possibly allowing some systems to continue responding. Google has many MX records, and in the 8 years that I used them, I never had any problems. Runbox has one MX record, and 5 months into using them, my email (and my productivity) is already affected. I know it's not just about MX records, that was just one example of a difference between two providers that I've used. In my own small (very small, less than a dozen paying clients) business, I take no chances. All websites that I build incorporate 6 redundant asset servers set up at 5 different providers, one of which is Amazon CloudFront. Even if one of these asset servers became unresponsive, it would have very little affect on my clients' websites. This is a very cheap and easy-to-maintain way of ensuring my services remain online. I do this "just in case". I hope that Runbox can setup their own systems with similar non-connected redundancy. I eagerly await details on how they are mitigating these attacks. |
9 Nov 2015, 03:01 PM | #14 |
The "e" in e-mail
Join Date: Sep 2001
Location: Oslo, Norway
Posts: 2,938
Representative of:
Runbox.com |
Thanks for the suggestion.
Any MX record would have to be public and could therefore be attacked. But you can bet that we are evaluating the past few days' events and looking at how we can mitigate any future attacks even better. - Geir |
20 Nov 2015, 11:57 PM | #15 |
Essential Contributor
Join Date: Nov 2007
Posts: 236
|
All over then? Wasn't so bad - I barely noticed a thing
|