Categories
Announcements

IMAP Shared Folder Support

IMAP shared folder support has been enabled on our Hosted Mail services. This allows sharing one or more folders with per-user permissions with other users within the same mail domain.

Shared folders will appear under a “shared” namespace where you can subscribe to shared folders the user you’re logged in with has permissions for.

Access lists can be set with any mail client that support IMAP ACL. If your mail client doesn’t support our webmail client does, you can log in with Roundcube to set shared folder permissions.

Shared folders are limited to accounts within the same mail domain name, so you can’t share folders across different domains.

Special Note: Sieve scripts must now use / as the separator (instead of .) for folder paths when using the fileinto action due to back end changes required to enable shared folder namespaces. We have used sed on all exiting Sieve scripts to update existing fileinto actions.

Categories
Announcements Changes

Price Increases Effective February 1, 2022

Due to a majority of our suppliers increasing prices for various reasons over the last year, we will be raising some of our prices.

For all new service orders and change orders signed after February 1, 2022, existing customers that are past the end of their term agreement, and month-to-month customers, the following prices will be increasing 5%:

Full Rack Colocation Package

  • Old Price: $949.00
  • New Price: $996.45

Half Rack Colocation Package

  • Old Price: $449.00
  • New Price: $471.45

Shared Space Colocation

  • 1U: $99.00 (No Change)
  • 2U: $109.20
  • 3U: $117.60
  • 4U: $134.40
  • 5U: $145.95
  • 6U: $166.95
  • 7U: $198.45
  • 8U: $229.95
  • 9U: $250.95
  • 10U: $271.95

The included IPv4 subnet for shared space colocations will be changed from a /29 to a /30.

Custom Colocation Package Base Rates

Full Rack Base Rate

  • Old Price: $349.00
  • New Price: $366.45

Half Rack Base Rate

  • Old Price: $180.00
  • New Price: $189.00

Antenna Colocation

List prices for antenna colocation are remaining the same, but any customers currently receiving discounted rates for antenna colocation will be updated to current list price. We will also be normalizing all antenna colocation related charges into one of the three antenna classes; previously we would charge adjusted amounts for accessories.

Discounted Rates Carried Past End-of-Term

Any previously contracted discounts that have remained past the end of their term agreement will be removed, and current list price will be applied.

Work Rates

  • Work Rate (daytime hours): $99/hr
  • Work Rate (after hours or holiday): $199/hr

Prices for add-on items or demand charges – such as power, bandwidth, cross connects, outlets, ports, IP addresses, etc. – will remain unchanged. Setup fees will also remain unchanged.

If you are an existing customer under a term agreement your pricing WILL NOT change: the agreement protects you from price increases for the duration of the term.

Effective February 1, 2022 the new prices shown here supersede all other previously published pricing for the affected services, such as literature that was published prior to this date, quotes, service orders or change orders that are not signed by 5:00pm Pacific time on January 31, 2022, and any other places pricing may be shown that has not been updated due to error or omission.

For agreements that allow a term renewal, this only applies to the services originally contracted. Any new services or changes will be quoted with prices in effect at the time of the request. Renewal option must be exercised before term expiration.

Categories
Announcements

End of Basic Wireless Internet Services

As of August 2021, Roller Network will no longer be offering new basic wireless services as a managed (turnkey/ISP) service. We still offer antenna colocation at our facility.

Back in 2013, our journey as an ISP started when someone asked Roller Network to provide a streaming video service to a TV station when no other provider at the time could meet their needs. Since then, we’ve served hundreds of business customers in Reno and Sparks. Our wireless internet services grew through referrals from local IT professionals.

Over time, the referrals ended and many of our internet-only customers moved to other providers. We reached a small enough number of remaining wireless customers that our resources to continue providing the quality of service and customer experience our reputation demanded were limited, nor were we able to expand into the next generation of upgrades with the few that remained.

As such, we made the difficult decision end our lineup of basic wireless internet services. We’re not going out of business or closing; our efforts will be focused on our one of its kind in the area, locally owned and operated colocation datacenter. Letters to all affected customers were sent earlier this year.

If you still have our equipment, please return it to our office. We would like to thank all of our loyal customers for your support over the years and for supporting a local, family-owned business. If you have any questions feel free to call our office.

Categories
Announcements Status

DST Root CA X3 Expired

For more information from Let’s Encrypt visit:
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/


Since September 30th we have received reports from two of our mail services customers that they were no longer able to send/receive mail with their Exchange servers due to a certificate expiration error. Our certificates have not expired; a root certificate (DST Root CA X3) has expired. The Let’s Encrypt R3 is signed by DST Root CA X3 (now expired) and ISRG Root X1 (trusted). The latter, ISRG Root X1, is what should be used.

Since June 2017 Roller Network has been using Let’s Encrypt. Our certificates update continuously: the certificates we have are only valid for 90 days, then are automatically replaced with a new one when they reach less than 30 days until expiration. It’s not possible for us to have “old” certificates since the oldest one will only ever be 2 months old before it gets replaced with a new one (and we monitor every Let’s Encrypt deployed service for freshness with alerts if a cert goes under 28 days). This process happens continuously on every system we have that uses SSL/TLS.

All certificates ultimately rely on a chain of trust based on a root store of trusted certificates present in every platform that the chain of validation is based on. All of these also have an expiration date, but a longer one since changing these either requires an OS update (usually in the form of security updates) or for platforms that no longer receive updates, manually installing new root certificates if it doesn’t have ISRG Root X1 installed. Alternatively, some platforms allow manually setting trust for an expired root certificate or need to remove an old root certificate.

The only reports we have received with TLS problems is with Exchange. Unfortunately we don’t have anyone on staff with Exchange experience, so we don’t have a fix to give out. At this point we can only recommend reading what others have done to address issues with cross-signed certificate authorities, although if we find a procedure specific for Exchange we’ll pass it along. For platforms based on OpenSSL 1.0.x this is a known bug which is fixed by updating to OpenSSL 1.1.x.

The reason the old, expired root is still in the chain is for an Android compatibility thing as detailed here: https://letsencrypt.org/2020/12/21/extending-android-compatibility.html

To view certificates in Windows see:
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-view-certificates-with-the-mmc-snap-in

On Windows the expired “DST Root CA X3” should be under Trusted Root Certification Authorities and Third Party Root Certificates. Removing it and rebooting may help (or it may not, we don’t have a way to test an Exchange server).

For a complete list of platforms compatible with Let’s Encrypt see:
https://letsencrypt.org/docs/certificate-compatibility/

Categories
Announcements TahoeIX

DNS over HTTPS and TLS

We’ve recently enabled DNS over HTTPS (DoH) and DNS over TLS on our resolvers for our customers (IPv4 and IPv6).

For DNS over HTTPS (DoH) use:

https://dns.rollernet.us/dns-query

For DNS over TLS use:

tls://dns.rollernet.us

Our DNS servers validate DNSSEC (queries will be answered with SERVFAIL in case of bogus data). If you have trouble resolving DNS that appears to work with sites that are not DNSSEC-aware, check it with the DNSViz tool: https://dnsviz.net

Our DNS servers will only respond to queries from our network (users on Roller Network IP addresses). If you are a peer or downstream customer with your own address space, please contact us to add your IP addresses to our “allow” list. For public service we recommend Quad9. Quad9 is globally anycasted including a local peer in Reno, NV at TahoeIX. For more information visit: https://www.quad9.net