SSLv3 disabled on our webmail servers

We’ve updated the SSL/TLS security settings on our webmail servers to match current “best practices” for security, disabling “SSLv3”.

Our customers shouldn’t notice any changes. (We made this change on our main website some time ago with no reports of problems, and many of the largest sites on the Internet have done the same.) We’re just mentioning this so that people know to contact us in the unlikely event they do have any trouble.

That said, if you do have any trouble, it’s probably because you’re using an outdated, insecure web browser that you should update. You can check your browser by visiting www.howsmyssl.com. If you can’t update it, using a different browser on your computer will probably help.

PHP 7.0.26 and 7.1.12

The PHP developers recently released versions 7.0.26 and 7.1.12 that fix several bugs. We’ve upgraded the PHP 7.0 and 7.1 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

Update Nov 29: It turns out these new versions of PHP both contain a bug that can cause rare crashes of a handful of scripts, including the NexGEN Gallery plugin for WordPress. We’ve temporarily reverted back to PHP 7.0.25 and 7.1.11 until this is fixed by the PHP developers.

Update Dec 4: We’ve applied patches from the PHP developers to fix the bug and re-deployed the fixed versions.

Mailman mailing list software upgraded to version 2.1.25

The authors of the Mailman mailing list software we provide for customers have recently released version 2.1.25 to fix several bugs.

We’ve upgraded the Mailman software on our servers as a result.

Users of Mailman lists shouldn’t notice any changes, but as always, don’t hesitate to contact us if you have any questions or see any problems.

PHP 5.6.32, 7.0.25, and 7.1.11

The PHP developers recently released versions 5.6.32, 7.0.25, and 7.1.11 that fix several bugs. We’ve upgraded the PHP 5.6, 7.0 and 7.1 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

PHP 7.0.24 and 7.1.10

The PHP developers recently released versions 7.0.24 and 7.1.10 that fix several bugs. We’ve upgraded the PHP 7.0 and 7.1 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

PHP 7.0.23 and 7.1.9

The PHP developers recently released versions 7.0.23 and 7.1.9 that fix several bugs. We’ve upgraded the PHP 7.0 and 7.1 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

Mailman mailing list software upgraded to version 2.1.24

The authors of the Mailman mailing list software we provide for customers have recently released version 2.1.24 to fix several bugs.

We’ve upgraded the Mailman software on our servers as a result.

Users of Mailman lists shouldn’t notice any changes, but as always, don’t hesitate to contact us if you have any questions or see any problems.

SSL pages for Mailman mailing list software

We’ve added Let’s Encrypt SSL support to many Mailman mailing list pages, including all the pages that ask for passwords or login information.

The use of SSL should be transparent. If you have bookmarks to URLs on your own lists like http://lists.example.com/mailman/admin/listname, you’ll automatically be redirected to the SSL (https) version of that page when you load it.

(New lists may not use SSL immediately when created, but will be switched to SSL when our system is able to obtain an SSL certificate for them. Quicker automation of this is something we’re working to improve.)

Users of Mailman lists shouldn’t notice any changes beyond pages being marked as “secure” in web browsers, but as always, don’t hesitate to contact us if you have any questions or see any problems.

PHP 7.0.22 and 7.1.8

The PHP developers recently released versions 7.0.22 and 7.1.8 that fix several bugs. We’ve upgraded the PHP 7.0 and 7.1 series on our servers as a result.

In addition, ionCube Loader is now available for the PHP 7.1 series, so we’ve made that an option you can enable in our “My Account” control panel.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

Change to some default SPF mail DNS records (softfail instead of neutral)

This post describes a technical change that most customers can ignore; we’re posting it for advanced users who may be interested.

If you have hosting service with us, we publish a default SPF record in your DNS zone if you don’t provide one yourself.

Read the rest of this entry »