EmailDiscussions.com  

Go Back   EmailDiscussions.com > Email Service Provider-specific Forums > FastMail Forum
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc.

Reply
 
Thread Tools
Old 27 Oct 2021, 09:56 AM   #1
pjwalsh
Essential Contributor
 
Join Date: Dec 2008
Location: Canada
Posts: 312
Fastmail Fights Off Ransom Cyberattack

https://fastmail.blog/company/fastma...om-cyberattack
Oct 26

Last edited by pjwalsh : 28 Oct 2021 at 11:56 AM. Reason: URL change
pjwalsh is offline   Reply With Quote

Old 27 Oct 2021, 05:00 PM   #2
Berenburger
The "e" in e-mail
 
Join Date: Sep 2004
Location: The Netherlands
Posts: 2,898
Well written. Even I get it.
Berenburger is offline   Reply With Quote
Old 27 Oct 2021, 05:48 PM   #3
BritTim
The "e" in e-mail
 
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,084
Let's just hope it's another six years until the next major DDoS attack against Fastmail.

As an aside, it appears that a long supported, but somewhat underused, protection against temporary unavailability at Fastmail once again worked well. This is configuring aliases (both Fastmail aliases and your own domain aliases) to deliver mail to a backup account at an unaffected backup mail provider as well as Fastmail. Because of the way Fastmail's MX servers are distributed and configured, this allows the backup mail service to receive email even when delivery to Fastmail's main data centre is not possible (and where you cannot access the messages if they are delivered). In my case, the backup mail service is not as convenient to use, mostly because I only use it in an emergency, and the messages (new and old) are not properly organised. However, it does mean I can always access urgent messages during events such as the latest DDoS attack.
BritTim is offline   Reply With Quote
Old 27 Oct 2021, 08:13 PM   #4
Berenburger
The "e" in e-mail
 
Join Date: Sep 2004
Location: The Netherlands
Posts: 2,898
Quote:
Originally Posted by BritTim View Post
As an aside, it appears that a long supported, but somewhat underused, protection against temporary unavailability at Fastmail once again worked well. This is configuring aliases (both Fastmail aliases and your own domain aliases) to deliver mail to a backup account at an unaffected backup mail provider as well as Fastmail. Because of the way Fastmail's MX servers are distributed and configured, this allows the backup mail service to receive email even when delivery to Fastmail's main data centre is not possible (and where you cannot access the messages if they are delivered). In my case, the backup mail service is not as convenient to use, mostly because I only use it in an emergency, and the messages (new and old) are not properly organised. However, it does mean I can always access urgent messages during events such as the latest DDoS attack.
At least the services (Basic/Plus) of Pobox were not hit. Maybe with some modifications…… 🤔
Berenburger is offline   Reply With Quote
Old 28 Oct 2021, 08:39 AM   #5
gardenweed
Cornerstone of the Community
 
Join Date: Jun 2008
Location: Perth
Posts: 664
Quote:
Originally Posted by BritTim View Post
Let's just hope it's another six years until the next major DDoS attack against Fastmail.

As an aside, it appears that a long supported, but somewhat underused, protection against temporary unavailability at Fastmail once again worked well. This is configuring aliases (both Fastmail aliases and your own domain aliases) to deliver mail to a backup account at an unaffected backup mail provider as well as Fastmail. Because of the way Fastmail's MX servers are distributed and configured, this allows the backup mail service to receive email even when delivery to Fastmail's main data centre is not possible (and where you cannot access the messages if they are delivered). In my case, the backup mail service is not as convenient to use, mostly because I only use it in an emergency, and the messages (new and old) are not properly organised. However, it does mean I can always access urgent messages during events such as the latest DDoS attack.
I was also able to use my backup email provider, with all my Fastmail email coming into the backup email just fine.
I was surprised (happily) that the DDOS attack didn't affect the forwarding to the backup provider.
So I'm glad about that "MX servers are distributed ...." thingy that you describe above.
Worked for me.
gardenweed is offline   Reply With Quote
Old 28 Oct 2021, 10:39 AM   #6
Bamb0
Master of the @
 
Join Date: Feb 2005
Location: USA
Posts: 1,862
It would be nice if they found out who did it!!!!!
Bamb0 is offline   Reply With Quote
Old 28 Oct 2021, 11:20 AM   #7
n5bb
Intergalactic Postmaster
 
Join Date: May 2004
Location: Irving, Texas
Posts: 8,917
The link now fails -- the URL of this blog report was changed to:
https://fastmail.blog/company/fastma...m-cyberattack/
n5bb is offline   Reply With Quote
Old 28 Oct 2021, 04:41 PM   #8
hadaso
The "e" in e-mail
 
Join Date: Oct 2002
Location: Holon, Israel.
Posts: 4,801
Quote:
Originally Posted by Bamb0 View Post
It would be nice if they found out who did it!!!!!
It was the Cursed Patriarch ...
Apparently he eventually dies, but the story is not written yet...
hadaso is offline   Reply With Quote
Old 29 Oct 2021, 06:09 AM   #9
Bamb0
Master of the @
 
Join Date: Feb 2005
Location: USA
Posts: 1,862
Yea I hear that!!!!!!!
Bamb0 is offline   Reply With Quote
Old 3 Nov 2021, 06:53 AM   #10
PON
Essential Contributor
 
Join Date: Mar 2002
Location: Wicklow, Ireland
Posts: 449
Quote:
Originally Posted by BritTim View Post
As an aside, it appears that a long supported, but somewhat underused, protection against temporary unavailability at Fastmail once again worked well. This is configuring aliases (both Fastmail aliases and your own domain aliases) to deliver mail to a backup account at an unaffected backup mail provider as well as Fastmail.
Can you elaborate on this? I.E., give an example of how to set this up. This requires the domain be pointed to Fastmail's DNS servers?

I manage my own DNS records at a 3rd party DNS service and for some years I split my MX records between Fastmail and Tuffmail in the early days of Fastmail when it wasn't as reliable as it is now but am not doing so now. I now use my alternate email provider (Tuffmail) for additional domains not hosted at Fastmail. Am still considering where to move those before year end.
PON is offline   Reply With Quote
Old 3 Nov 2021, 08:15 AM   #11
BritTim
The "e" in e-mail
 
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,084
Quote:
Originally Posted by PON View Post
Can you elaborate on this? I.E., give an example of how to set this up. This requires the domain be pointed to Fastmail's DNS servers?

I manage my own DNS records at a 3rd party DNS service and for some years I split my MX records between Fastmail and Tuffmail in the early days of Fastmail when it wasn't as reliable as it is now but am not doing so now. I now use my alternate email provider (Tuffmail) for additional domains not hosted at Fastmail. Am still considering where to move those before year end.
The support I am referring to requires that you are using the Fastmail MX servers. Those servers have specific support to relay any messages to any non Fastmail email accounts identified by your alias settings. Delivery is controlled by the Delivery to when setting up the alias for either your own domain or a Fastmail alias. This can be used for any email you receive except that to your main account email. What you should do is specify both your Fastmail account and your backup account as targets for your received email.

This works well because the MX servers are geographically distributed and not reliant on the main datacentre used by Fastmail being available.

Fastmail has provided this support for many years, and I can confirm that it works.
BritTim is offline   Reply With Quote
Old 23 Dec 2021, 05:13 PM   #12
an3
Junior Member
 
Join Date: Jun 2003
Location: Salem, Oregon, USA
Posts: 24
Does FM have a policy regarding payment of ransomware demands?
an3 is offline   Reply With Quote
Old 23 Dec 2021, 05:18 PM   #13
DumbGuy
Essential Contributor
 
Join Date: Oct 2008
Posts: 212
Quote:
Originally Posted by an3 View Post
Does FM have a policy regarding payment of ransomware demands?

I'm pretty sure they've stated in their blog that they never payout ransom demands. This is in the context of DDOS attacks, but I would assume it spills over to ransomware as well.
DumbGuy is offline   Reply With Quote
Old 25 Dec 2021, 05:37 AM   #14
n5bb
Intergalactic Postmaster
 
Join Date: May 2004
Location: Irving, Texas
Posts: 8,917
The official policy of Fastmail is:
Quote:
We never pay extortionists. Doing so encourages further ransom payments and future threats to us and to others.
See:
https://fastmail.blog/company/fastma...m-cyberattack/

Bill
n5bb is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 08:06 PM.

 

Copyright EmailDiscussions.com 1998-2022. All Rights Reserved. Privacy Policy