EmailDiscussions.com

EmailDiscussions.com (http://www.emaildiscussions.com/index.php)
-   FastMail Forum (http://www.emaildiscussions.com/forumdisplay.php?f=27)
-   -   Fastmail seems to be down (http://www.emaildiscussions.com/showthread.php?t=78871)

TenFour 23 Oct 2021 08:01 PM

Imagine how much better the Internet would be if it wasn't clogged with nefarious and junk data! I've read somewhere that even during normal times more than 90% of emails flowing through the Internet are spam or malicious.

earlybird 24 Oct 2021 01:07 AM

Somebody else getting constant 403 HTTP errors on CardDAV/CalDAV on sync?

Is this a IP black list?

The behaviour I see is inconsistent because apparently my DAV clients when logging on get a complete list of all available calendars and address books but cannot sync from / to them. It seems specific HTTP verbs are being blocked. Also, one DAV client is being let through whereas another client is not, from the same network with the same public IPv4 address.

Not sure if the most recent update of DAVx5 broke sync on Android 9. The device not working is on Android 9, the one that works is on Android 11.

My traffic originates from AS6805 and 77.8.0.0/15.

DumbGuy 24 Oct 2021 06:37 AM

Runbox, 1 of the handful of small email providers who got DDoS'd, posted the threat email they received to their blog:

https://blog.runbox.com/2021/10/runb...extortionists/

Webgenie 24 Oct 2021 09:50 AM

Good grief! I was planning to duplicate my mail from Fastmail at Posteo. I cannot imagine ever not having Fastmail, but wanted a backup and already have had Posteo for a few years. They, too, are great, by the way, but none can compare to all the features at Fastmail.

Quote:

Originally Posted by spamsux (Post 622857)
Just came across this. Since this affects both Runbox and Fastmail, I'm posting it in both forums. Hope that's OK, just this once. :)

https://therecord.media/ddos-attacks...ail-providers/


lauricat 24 Oct 2021 10:25 AM

I am really hoping for FM's sake that this can be done and dusted by Monday Morning - where-ever in the world.

That's when most - who are probably oblivious to this happening - need their business email/Calendars/etc to just work

balaji 24 Oct 2021 01:12 PM

Quote:

Originally Posted by earlybird (Post 622870)
Somebody else getting constant 403 HTTP errors on CardDAV/CalDAV on sync?

Is this a IP black list?

The behaviour I see is inconsistent because apparently my DAV clients when logging on get a complete list of all available calendars and address books but cannot sync from / to them. It seems specific HTTP verbs are being blocked. Also, one DAV client is being let through whereas another client is not, from the same network with the same public IPv4 address.

Not sure if the most recent update of DAVx5 broke sync on Android 9. The device not working is on Android 9, the one that works is on Android 11.

My traffic originates from AS6805 and 77.8.0.0/15.

I have the same issue as well, mail works for me but not the CardDAV.

TenFour 24 Oct 2021 08:43 PM

According to the Fastmail Status page the DDOS attack is still impacting things. https://www.fastmailstatus.com/

NJSS 25 Oct 2021 04:01 PM

I had a flood of email this morning between 06:14 & 06:24 much of which I know was delayed by many hours.

It' now 08:00 BST and I have received no emails since 06:25 which is most unusual, so I suspect that matters are still not yet resolved.

NJSS

evfrson 26 Oct 2021 07:18 AM

I have delays to receiving/sending email too and problems loading images.
Really disappointed that FastMail is taking so long to resolve these issues.

Bamb0 26 Oct 2021 10:37 AM

I wonder if they are having staffing problems like alot are now...........

n5bb 26 Oct 2021 12:14 PM

I am in the Dallas Texas area. Four days ago (when the DDOS distributed denial of service extortion attack on several email providers started), I was unable to access Fastmail services erratically for a couple of days. But the last couple of days Fastmail has been solid here, with no difficulties.

This is a DDOS attack on several providers, and in these cases the attack often floods the network ISP connections used by Fastmail with a huge number of data packets, or they attack the DNS system to prevent network address resolution. Based on previous DDOS attack public reports by Fastmail staff, they have a robust system with equipment and procedure which will block most such attacks. But it's impossible for them to fully block all such attacks. The current internet is not robust when under a determined attack by criminals.

Bill

DumbGuy 26 Oct 2021 02:16 PM

Quote:

Originally Posted by n5bb (Post 622932)
I am in the Dallas Texas area. Four days ago (when the DDOS distributed denial of service extortion attack on several email providers started), I was unable to access Fastmail services erratically for a couple of days. But the last couple of days Fastmail has been solid here, with no difficulties.


This has been my experience too, here in US Pacific NW. Although, like mentioned by evfrson earlier, I'm still having issues with images not loading, or loading very slowly, in the webmail UI. (Not a big deal for me.)

Webgenie 1 Nov 2021 01:36 AM

Hopefully just a temporary glitch, but here in Northern California I can't access FM website - which I tried to do because IMAP is not working in The Bat!

NJSS 1 Nov 2021 01:41 AM

FM down again here in the UK for at least the last 15 minutes - 17:35 GMT.

Quote:

Secure Connection Failed

An error occurred during a connection to www.fastmail.com. PR_END_OF_FILE_ERROR

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem.
I cannot get access to webmail through POBox.Com as they are now using the FM servers.

It really would help if FM & POBox used different servers - please.

NJSS

evfrson 1 Nov 2021 01:51 AM

Down here too for me in UK (London)

From Twitter:


Fastmail
@Fastmail

15m
We are currently experiencing network issues that may cause Fastmail to be unavailable; we are investigating and hope to be back online soon.

Chipper 1 Nov 2021 02:25 AM

Down for me also. At least 30 minutes.

Current Time:
* 2:25 PM USA (EST)
* 6:25 PM GMT

evfrson 1 Nov 2021 02:44 AM

According to Twitter it's another DDOS attack 🤔

Webgenie 1 Nov 2021 02:52 AM

Sad. But I have to say that it appears that Fastmail is on it and working to get things back to normal. I appreciate that.

Quote:

Originally Posted by evfrson (Post 623067)
According to Twitter it's another DDOS attack 🤔


bertradio 1 Nov 2021 02:55 AM

IMAP is working with Thunderbird on my desktop and Aquamail on my Android phone. Seems like it's the web apps that are down.

NJSS 1 Nov 2021 03:02 AM

I can check spam at POBox, but not my webmail - very frustrating.

NJSS

hans2010 1 Nov 2021 03:09 AM

Quote:

Originally Posted by TenFour (Post 622877)
According to the Fastmail Status page the DDOS attack is still impacting things. https://www.fastmailstatus.com/

The above post was from last week. For today (Oct. 31), the above link says:

Quote:

We are seeing continued DDoS attacks against our infrastructure and are working with our network provider on mitigation strategies. Our team are working hard to provide stability.
I wonder if the Internet can evolve to where DDoS attacks can be throttled at source.

evfrson 1 Nov 2021 03:46 AM

Seems to be back now.

n5bb 1 Nov 2021 04:01 AM

Due to the nature of the defense against these attacks, some locations may be affected more than others. I havenít noticed a complete loss of Fastmail services during the past few hours, but at times the system was much slower than normal.

Quote:

Originally Posted by hans2010 (Post 623072)
.. I wonder if the Internet can evolve to where DDoS attacks can be throttled at source.

The initial D in DDOS stands for ďDistributedĒ, and this complicates the problem. If the attack packets are arriving from thousands of unrelated zombie infected devices from a wide range of locations, the old routing systems canít throttle them at the sources. Many techniques have been proposed to add features to internet routers to allow them to be commanded to block attacks, such as:

https://www.faculty.ece.vt.edu/parkj...arch/AD_CR.pdf

https://www.cs.unc.edu/~jeffay/cours...ddos-src02.pdf

I donít know if any of these have been actual deployed on a wide scale basis. For most of these techniques to be useful, I believe that they need to be deployed at the vast majority of edge routers where packets enter the internet.

Bill

xyzzy 1 Nov 2021 05:46 AM

Seems to be working again (at least for me). Status page has been appropriately updated.

Berenburger 1 Nov 2021 06:43 AM

Quote:

Originally Posted by NJSS (Post 623071)
I can check spam at POBox, but not my webmail - very frustrating.

The webmail package (Mailstore) is one whole with that of Fastmail.

lauricat 1 Nov 2021 11:24 AM

Out for me in AUS.

Terry 1 Nov 2021 11:45 AM

Yea same here...west of Bris

astrodog73 1 Nov 2021 12:14 PM

Out now.... Newcastle...
It was out early this am too...

evfrson 1 Nov 2021 12:16 PM

Out for me in the UK too (again).

bertradio 1 Nov 2021 12:28 PM

As before, IMAP client (Thunderbird) gets mail with no problem. The issue seems to be with the web interface.

DumbGuy 1 Nov 2021 01:31 PM

I may be having some luck connecting in to webmail (and POP via desktop client) by connecting in from other countries via my VPN service. It's hard to say for sure, as FM access may be intermittent anywhere during the attack.

astrodog73 1 Nov 2021 01:40 PM

We're back...

NJSS 1 Nov 2021 03:56 PM

Quote:

Originally Posted by Berenburger (Post 623081)
The webmail package (Mailstore) is one whole with that of Fastmail.

Yes that was my point - a retrograde step I fear.

I am gong to have to rework my setup which has been unchanged since well before FM acquired POBox.

NJSS

xyzzy 2 Nov 2021 03:36 AM

Ugh, still out.:mad:

This is the longest I've been without access since I joined FM a few years ago. Maybe this is an argument against depending on using aliases (or those masked addresses) and just using a single email address and filtering off that (assuming that would even work should we ever get the system back to make such a change). I use a forwarding service so I could just point it to some other email service but that won't help with the aliases.

evfrson 2 Nov 2021 03:44 AM

I'm rapidly coming to the conclusion that if I want guaranteed reliability then I am going to have to use one of the big providers Google, Microsoft et al.
I use my own domain name so it would be very easy for me to do that.
I am going to see how this week pans out and then decide.

Webgenie 2 Nov 2021 04:21 AM

Well, I've been with Fastmail since 2004. I think what is happening could happen to any provider, and I feel confident that everything is being done to fix and prevent this in the future. However, I did want to back up my mail online and accessible by IMAP, and tried gmail first. Did not work because it uses Labels not Folders. In the end, I got it done at gmx dot com. Also, I have yet to find a provider that offers what Fastmail does, including easily hosting simple web pages and domains. I definitely do not want to leave Fastmail, given my experience with it and believing that those there are more concerned and dedicated to us than the big providers.

Quote:

Originally Posted by evfrson (Post 623096)
I'm rapidly coming to the conclusion that if I want guaranteed reliability then I am going to have to use one of the big providers Google, Microsoft et al.
I use my own domain name so it would be very easy for me to do that.
I am going to see how this week pans out and then decide.


TenFour 2 Nov 2021 04:30 AM

Here's the thing about email reliability, which is #1 in my list of criteria when choosing a service. The other day I received a business email at work (Microsoft 365 Business) that announced an impending deadline of the next day for something that could be worth around $12K. Unfortunately, that was the first notice of this action I needed to take, and I took it. Similarly, I've received various travel cancellations at the last minute via email that if I had missed them would have cost money and hassle. My father received various tax warnings from the government that he ignored and they cost him thousands of dollars. Things arrive via email that are critical and time sensitive. It is easy to dismiss outages by saying "we're sorry, and no mail is lost" but that isn't good enough. On the other hand, the attackers are sophisticated and difficult to defeat. DDOS attacks may be one of those things that only the largest providers can deal with.

NJSS 2 Nov 2021 05:07 AM

I am reminded of this thread:-

http://emaildiscussions.com/showthread.php?t=14140

which I started in July 2003.

It would be interesting to see how people's views have changed since then.

Sadly part of my elegant redundancy plan was to use POBox in addition to FM, which was defeated by their merger in late 2015 & subsequently moving to a common platform.

NJSS

xyzzy 2 Nov 2021 05:40 AM

Just thought of something I'm curious about. When these DDOS attacks first started as I understand it it was on a number of email services. Then I thought there was a pause as the various services mitigated the attack. So when this problem reoccurred for FM are they currently the only ones now under attack? If so my thought is maybe FM shouldn't have posted that blog taunting the hacker(s) about what FM was doing about it.

n5bb 2 Nov 2021 07:03 AM

Quote:

Originally Posted by xyzzy (Post 623100)
Just thought of something I'm curious about. When these DDOS attacks first started as I understand it it was on a number of email services. Then I thought there was a pause as the various services mitigated the attack. So when this problem reoccurred for FM are they currently the only ones now under attack? If so my thought is maybe FM shouldn't have posted that blog taunting the hacker(s) about what FM was doing about it.

There are always DDOS attacks occurring. I doubt that itís known whether these recent attacks against certain email providers are the work of one person, a gang, or are copycat attacks. Iím sure that Fastmail isnít the only organization under a DDOS attack by someone this week!

Did you mean the blog post below? It was published six years ago, and hardly a taunt. It was simply the facts, including that they (and most other reputable organizations) would not pay ransom to these criminals. That might be an illegal payment aiding a cybercriminal in many jurisdictions.
https://fastmail.blog/advanced/how-t...a-ddos-attack/

The blog post by the Fastmail Chief of Staff was also not a taunt. She simply stated the facts. If Fastmail had ignored their customers and not commented on their blog (and social media accounts), many posters here at EMD would have complained loudly.

Bill


All times are GMT +9. The time now is 08:44 AM.


Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy