In a previous blog post, I have told you about our experimenting with TOTP-based two factor authentication. It proves functional in the Cockpit and in the Web Client, so we’re preparing the promotion to production.
Last month, we let you know a stricter DMARC policy was being applied to Kolab Now infrastructure. With a primary aim to increase our reputation and decrease phishing attempts from clearly false senders, we’ve since learned about some secondary effects;
If you’ve noticed our responses to support tickets or monitoring alerts is a little slower than usual, that’s because this is now the view from our office:
Kube is a client that allows you to work offline, so you can work no matter whether your train just entered a tunnel, you’re on board of a plane or you’re just too lazy to get up and ask for the free wifi password. One implication of this is that we have to deal with fair amounts of data.
Email tends to accumulate quickly, and it’s not uncommon to have mail folders that have somewhere between 40’000 and 200’000 emails in them, so we have to figure out a way to deal with that. At the core of Kube we therefore have Sink; the data-access and synchronization system.
We’re currently experimenting with an implementation of TOTP-based 2 factor authentication, allowing our customers to use a second factor.
Until now, Kolab Now required its users to supply a username and a password. This is considered only a single factor, since the username is your email address and thus known to third parties.
Sometimes, we receive reports that either our general reputation has declined to the point that certain receiving parties will block some of the email sent through our infrastructure, and that bothers us — because it bothers our customers. This usually involves just a limited number of messages, but is annoying nonetheless.
Other times we receive reports of phishing. These usually do not include verbiage that is suitable for repeating in this here blog, as the reports reply to messages do not originate from us, usually refer to external, third party sites but are most importantly also not submitted through our infrastructure. We follow up these occurrences with abuse reports to web server hosting companies, email providers and through other associated channels, but responses are often not thorough and not quick.
While many of our customers have used collaborative editing, there’s certainly one aspect that could be improved; we’re seeing a lot of pending invitations to editing sessions, that apparently do not reach the intended recipient.
I’m pleased to announce the Kolab Now Knowledge Base, a library of FAQ articles, documentation relevant for users and customers, and “Learn More” walk-through articles showing you Kolab Now from the inside out.
Furthermore, our staff will be able to tell you more about what’s going on within the greater Kolab Now ecosystem through this blog roll.
Over the next few days and weeks, our support teams, engineers and consultants will be supplying the knowledge base with ever more information. Naturally, as new issues arise, or we find interesting topics to talk about, the documentation about it will land there, too.