Service Status

Here you will find updates regarding the status of the Runbox email services. We also post updates in the Runbox Forum, where you might find more information about any service irregularities. For support inquiries, please use either the Forum or the Support Center.

10.01.2012 12:00 CET

Phishing scam mails

There have again been several attempts to send so-called phishing mails to runbox users over the last week or so. Most of these mails seek to trick users into revealing login info, usually in order to abuse the accounts for spamming. We are reminding people again to never respond to or click on links in any mails which do not contain your name (as given to us when you signed up) in the greeting at the top. Scam mails will always say something generic like "Dear runbox user" or "Attention webmail users" or similar. This is the single easiest way to separate real mails from us from scam mails, even if you aren't too familiar with the real mails we send out for billing purposes etc.

If you do receive a suspicious mail, please open a support ticket at https://support.runbox.com or forward it to us at abuse.runbox.com, thank you.

Current issues

IMAP ports

If you are still using port 1143 for IMAP, please switch to the default port 143 as the former is no longer supported. Port 1143 was only used for testing of alternative IMAP implementations which have since been consolidated. More information about correct IMAP setup can be found on our IMAP help page.

Important information regarding recurring billing

Please note that due to our new payment system, those of you who have recurring billing activated at present will have to re-activate this by making a manual renewal in the new system when your expiration date approaches. *No previously recurring payments will be run after Friday April 16, 2010,* under the new system. It is not possible to update cards by adding them to the Account page any longer either, cards can only be updated by making a payment, which will save it for later use if you choose to use recurring billing. These changes were not made by our choice, so we do apologize for the trouble.

Spam

Spam continues to be a problem affecting all email services and users, and the amount of spam being sent globally is illustrated by this graph of spam trends. Much of the spam is sent by so-called bot nets of zombie computers that have been infected by computer viruses. See our Anti-spam Info page for more information about spam and how to prevent it.

Spam from your own address

Many users have discovered spam appearing to have been sent from their own address. This does not mean that anyone is using your account without your consent -- it is simply a consequence of the way the email system was designed, which lets anyone send email "from" any address. It's comparable to putting a random return address on an envelope, as it is very difficult to verify who actually sent the email/letter.

This type of email falsification is perpetrated by spammers to make the sender address of spam to appear legitimate, and to avoid receiving the error messages that are generated by non-existent recipient addresses (spammers tend to send large amounts of messages to more or less random addresses).

Additionally, spammers exploit the fact that many email users have whitelisted their own address, which means that spam being sent "from" their own address will categorically be perceived as legitimate email by their spam filter, thus being delivered to their Inbox. We therefore recommend that you do not include your own address in the whitelist (in the Filter section) or in the Contacts section (which is automatically whitelisted).

Please see our Filter help page for more help with handling spam.

Spam bounces sent to Runbox addresses

Unknown spammers have recently been forging Runbox email addresses (randomly, although having a short or first name username increases the chances of such incidents) on their junk mail, causing many of our users to get the bounces. This is just about impossible to prevent, since spammers as a rule use servers which don't require any sort of authentication, and anyone using email can make their mails look like they come from the address of their choice. No one has actually used the forged accounts, in other words. This is an increasing problem, affecting many domains.