Chat server updated
We’ve had a couple of persistent problems with our XMPP chat server since upgrading to Ejabberd (3.0 pre-release with patches) last year. “Malformed XML” errors. We suspect these were due to bugs with...
View Article*.fastmail.fm certificate updated
The SSL certifcate for *.fastmail.fm (that is, http://www.fastmail.fm, and all other subdomains) was due to expire in a couple of months, so this morning we’ve updated it to a new one. Because its not...
View ArticleOne step forward, two steps back
It’s been a really bad week for me. Backing out two significant pieces of work. One only released recently, but the other having caused problems for an entire year, and I’m really sorry to those...
View ArticleGoodbye old.fastmail.fm
Summary In early 2009 we rolled out an updated web interface to all users. This is the interface you currently see when you login at http://www.fastmail.fm as most users do. To give users time to...
View ArticleNew login and session management code on beta.fastmail.fm
We’ve just rolled out some new code on our beta server that significantly changes how sessions are managed. This new code reduces some overall session complexity, fixes some long term bugs, and adds...
View ArticleChanges to delete behaviour with conversations
Over the past week we have changed how deletion works in our new modern interface. In this blog post I will explain what those changes were, and some actions we have taken to ensure no emails are...
View ArticleThe technology behind the classic and new interfaces
I recently wrote a postmortem for our old interface, now I want to explain how the addition of a modern interface alongside our classic interface is different. In short, classic is here to stay. For...
View ArticleInter-tab communication using local storage
A few weeks ago we launched our new webmail service for all users at FastMail. Once being used by a wider audience, we of course received reports of a few edge cases our testing hadn’t managed to...
View ArticleUpdate to DNS hosting
We’ve rolled out a change to our DNS hosting abilities to switch our backend from tinydns to powerdns. We’d previously tried this change once before but had some problems and had to roll back. After...
View ArticleIntermittent bayes db corruption resolved
This is a technical post that describes the history and recent efforts to track down a bug that was corrupting some users bayes databases. Fastmail users subscribed to receive email updates from the...
View ArticlePush events, NAT TCP connection timeouts, and device sleep
This is a technical post. Regular FastMail users subscribed to receive email updates from the FastMail blog can just ignore this post. When we released the new user interface last year, one of the...
View ArticleFastmail uses perfect forward secrecy with https/TLS connections
There’s been a number of articles recently about perfect forward secrecy (PFS). The main aim of PFS is to ensure that even if the private SSL/TLS key for www.fastmail.fm was ever compromised, it would...
View ArticleiOS 7 Mail App uses multi-folder body searches by default
This is a technical post. Regular FastMail users subscribed to receive email updates from the FastMail blog can just ignore this post. We’ve recently been testing out the Mail application in iOS 7 and...
View ArticleMac OS 10.9 – Infinity times your spam
UPDATE: the cause of the “infinite copy” bug was tracked down to a user side applescript. I have written a separate blog post about it. This is a technical blog/rant. Users of FastMail who don’t use...
View ArticleApple mail “bug” turns out to be user script after all
This is a technical blog post which gives updates on the previous post. There is no need to read this unless you’re particularly interested in IMAP protocol issues and/or gossip. Of course it’s hard to...
View ArticleContent Security Policy now on Beta
At FastMail, we’re always looking to increase security for our users. Cross-site scripting (XSS) attacks are one of the dangers that all websites must take care to mitigate against. HTML email is the...
View ArticleDiary of an outage
As some of you are no doubt aware, yesterday we had a fairly serious outage. It only affected a small number of users, but for them it meant some some 4-6 hours with partial or no access to mail. In...
View ArticleCleaning up from an IMAP server failure
This blog post is highly technical. I cover details about how our email storage system works and how it was impacted by a complex server corruption and failure. I explain why our normal procedures...
View ArticleWhen two-factor authentication is not enough
TL;DR: This is the story of a failed attempt to steal FastMail’s domains. We don’t publish all attempts on our security, but this one stands out for how much effort was put into the attack, and how far...
View ArticleSSL certificates updated again
A few days ago we updated our SSL certificates. The algorithm used to sign these certificates (SHA256) presented problems with some older clients and operating systems, notably WebOS and Nokia devices....
View Article
More Pages to Explore .....