Today we deploy a change to the Kolab Now password expiry policy, which will affect you only if you:
– have enabled an expiry policy in your profile
– your password expired according to that policy
If both of these conditions are the place, you will be prompted to change your password when you login in to the cockpit with your correct, but expiring, password.
This afternoon earlier today one of the Kolab Now MX servers was listed on the Microsoft block list. This means that some users might have seen, that mails sent to recipients at ‘@outlook.com’, ‘@live.com’, ‘@hotmail.com’, and other Microsoft online services was bounced back with the message that looks something like this:
This is the mail system at host mx.kolabnow.com.I'm sorry to have to inform you that your message could notbe delivered to one or more recipients. It's attached below.For further assistance, please send mail to postmaster.If you do so, please include this problem report. You candelete your own text from the attached returned message.The mail system<some-email@outlook.com>: hostoutlook-com.olc.protection.outlook.com[x.x.x.x] said: 550 5.7.1Unfortunately, messages from [y.y.y.y] weren't sent. Please contactyour Internet service provider since part of their network is on our blocklist (S3150). You can also refer your provider tohttp://mail.live.com/mail/troubleshooting.aspx#errors. [Name=ProtocolFilter Agent][AGT=PFA][MxId=<some long number>][SG2PEPF03345FBECA.apcprd05.prod.outlook.com 2025-02-13T<timestamp>Z<another long number>] (in reply to MAIL FROM command)
Although the listing was fast discovered, Microsoft was contacted and the listing is reversed as soon as it is possible, it took a while. At this time emails should be delivered to the Microsoft online services.
A few users has misinterpreted the symptoms with error messages from missing the DKIM changes made on Monday (please read this blog post from December 2024 and the follow ups). If you are a group manager, then please make sure that you have the new DKIM related CNAMES added to your DNS zone.
If you have any questions or concerns in this context, then please contact support.
Lately we got a lot of questions at Support about a possible vulnerability in Roundcube, the Kolab Now webclient. The listing in question is CVE-2023-47272 which upstream in the Roundcube development has been handled and patched.
To see the version of Roundcube running as the Kolab now webclient, login and press the ‘About’ button in the left side of the screen. This will reveal that Kolab Now is running:
Roundcube Webmail 1.5.6.3-30.1
This tells, that the fix was already installed, and that the Kolab Now webclient is not impacted by the vulnerability.
We are thankful for having an observant and active user base.
On Friday, 20th of January 2023 at 09:00 UTC, the Kolab Now operations team will perform maintenance on the infrastructure of the Kolab Now platform. The update will move a part of the backend services to newer infrastructure. The updates will bring more stability and better manageability to the backoffice systems. No new features visible to end users will be enabled during this maintenance.
The service window is expected to last for no more than 4 hours, ending on Friday, 20th of January 2023, at 13:00 UTC.
Another year past and we needed to again refresh our certificates.
As in previous years, e.g. 2018, 2019, 2020, etc, we rolled over certificates across all systems over the last few days of the year.
The new certificate is in place, and applies to https://kolabnow.com/, imaps://imap.kolabnow.com and smtps://smtp.kolabnow.com.
As in previous years, we publish the fingerprint here:
SHA-256:
FA:2A:BF:A9:F8:FA:67:E7:7B:0D:B2:2C:C2:F2:8B:F8:30:4C:77:84:55:38:02:B4:DD:66:7F:DA:F4:C7:DC:49
SHA-1:
B6:FE:BF:F6:3A:17:CD:E4:2D:02:7F:AF:C9:EF:0C:45:32:F9:0A:3B
Another year past and we needed to again refresh our certificates.
Our terms of service state there’s basically no way for anyone to get any access to your data without us also being able to talk about the fact it happened.
Like the last time we declared having made a full eclipse around the sun at an arbitrary date, here’s our statistics for 2020.
Kolab Now unterstützt alle, die auf Homeoffice nicht vorbereitet sind, indem wir unseren Service für die Dauer der Krise gratis zur Verfügung stellen.
Email, Kalender, Office-Dokumente und mehr, helfen Ihnen Ihre Arbeitsabläufe auch Zuhause aufrecht zu erhalten.
Registriere dich jetzt mit dem Voucher Code KOLABFROMHOMENOW.
Dieses Angebot werden wir so lange wie möglich aufrechterhalten und nachdem sich die Lage beruhigt hat wieder entfernen.
Authorities and experts alike tell us physically staying at home is the safest thing to do for you and yours, and everyone else. Our experts want you to enjoy the same safety on the web.
We have decided to spread the burden and not the virus, and do the right thing by not opportunistically profiting off of our collective misery. We now provide a 100% discount to all new signups for as long as we can manage, or for as long as the crisis continues, whichever comes first. When things cool down, we’ll remove the discount.
Our annual certificate refresh is upon us.
