Categories
Changes Status

SSL/TLS Changes

We’re going to start turning off TLSv1.0 and TLSv1.1 per best current practices (BCP 195), and start working on updates to add support for TLSv1.3. Our account control center is first. Other services will be changed as we work on configs or other updates for both web and mail services.

As of early 2020, support for TLS 1.0 and TLSv1.1 has been removed in current versions of major browsers. For more information about the depreciation of TLS1.0/1.1 see: https://blog.qualys.com/product-tech/2018/11/19/grade-change-for-tls-1-0-and-tls-1-1-protocols

We’re also changing our ACME client for Let’s Encrypt certificates. We started out using certbot, however certbot is moving to an app store framework (Snap) for future updates and we don’t want to install such things on our servers. So we searched for an alternative ACME client that we liked and settled on dehydrated. For more information on dehydrated visit them on github at: https://github.com/dehydrated-io/dehydrated

Categories
Announcements Changes

Peering at SFMIX

Now peering at SFMIX in the San Francisco “Silicon Valley” region of California. Roller Network has an open peering policy and we are happy to peer with networks of any size. We’re also on the route servers.

Categories
Announcements Changes Status

SquirrelMail End of Life Notice

Since the very beginning of our hosted mail service, SquirrelMail was there as a webmail option. It’s served thousands of users well, but the time has come where we need to declare SquirrelMail end of life (EOL) and no longer supported. SquirrelMail has not been actively developed for several years, and incompatibility with other upgrades we will be making across our system is very likely.

As an EOL service, we will no longer test changes for compatibility with SquirrelMail. Although the basic email functions of SquirrelMail will continue to function, any broken additional features in SquirrelMail will be removed or disabled.

We understand the desire for a simple webmail interface still exists in our customer base and we will be looking at replacement options. In the meantime, please plan to migrate your webmail needs to RoundCube at: https://webmail.rollernet.us/roundcube

SquirrelMail will be shut down on December 31, 2020.

Categories
Changes Status

System Updates 2020 Edition

Over the next several weeks are are going to try to get all of our systems updated to Debian 9 (oldstable) or ideally Debian 10 (stable) wherever possible. Many systems are still running Debian 8 LTS for which security support ends in June.

We will do our best to minimize disruptions. Any work that’s unavoidably disruptive will be performed during our weekly maintenance window every Saturday between 10:00 and 22:00. An example of a system that’s disruptive would be the account control center, webmail, or IMAP/POP3 hosted mail. To completely update a system there are required reboots, and in some cases (most notably IMAP/POP3 hosted mail), forced switches between active/standby pairs to verify functionality. Updates on our in-office system will cause interruptions to our phone and hotline number (which run on Asterisk) while we perform its upgrades. Email us if you don’t hear the voice prompts answer since someone will be watching for emails when we know voice is being worked on. Work to non-interactive systems like ns1/ns2 may be performed at any time since our supported configuration is that customers configure both on their domain, not just one. We may also decide to migrate older hardware based systems to a virtual machine on a case-by-case basis.

If you have any questions please contact support.

Categories
Changes IPv6

IPv6 Public NTP Servers Discontinued

Almost 9 years ago we set up some publicly accessible IPv6 time servers. At the time there were few to no options for NTP over IPv6.

However, it’s time to retire those servers. They’ve run faithfully for almost 10 years and their watch is over. We don’t have a replacement for this service, but NIST has IPv6 NTP servers in their pool: https://tf.nist.gov/tf-cgi/servers.cgi