Click here to see the latest TLS/SSL certificate details.
Changelog
2024-06-19
We have disabled Bitcoin payments because of new laws in our country. This would require a whole new payment routine and a huge amount of changes. This is not something we can create in a short amount of time.
2024-04-05
A few users gets a 'Session expired!' error, the first time they login, the second time they login they dont get the error. We are still investigating this. If you have this error, please login again and it should work! (so you may need to login twice until we solved this issue). But you can also get this error if your ISP is changing IP-address, so in some cases, it's correct, because it's a security feature also, read more here:
https://support.countermail.com/kb/faq.php?id=40
2024-03-26
Updated one FAQ for permanent decryption for emails and/or moving emails locally OR to another account. Using the app Thunderbird, even if you are used to another email client you can temporarily use TB just to do this specific task, then go back to your other email IMAP-client (if you have one). This FAQ is good if you want to decrypt and then copy or move emails, locally or to another account: https://support.countermail.com/kb/faq.php?id=260
2024-03-17
We have updated some info for users that use their own domain.
The DMARC record info has been changed. Please update your DNS-TXT DMARC record with your domain registrator.
See our FAQ regarding how to setup a domain, otherwise you can get delivery problems, there are so many domain providers that we can't cover them all, but we have some examples (with clickable pictures) in our FAQ: Read here: You must setup DNS MX, DKIM, DNS TXT/SPF and DMARC. You can find these settings at the bottom in the FAQ page.
See this FAQ for different tools to test your domain: FAQ with testing tools
The only setting that you must contact us about is the DKIM, which we write about the first FAQ. If did not have setup OpenDKIM earlier, but have done so now, please send an email to: opendkim@countermail.com with the domain name we should add. One easy way to test DKIM is to go here: https://mxtoolbox.com/SuperTool.aspx?action=dkim and enter 'yourdomainname.com:default' and press Enter.
2024-03-14
During the last 10-14 days our server has sometimes been slow, and its because we have been under attack, mostly by 'harmless' DDoS attacks which means the attack are not so dangerous for our users, but a bit annoying for our users.
Edit: We have now blocked over 100k of computers/servers that was attacking or sending spam to us, no 'real' servers should have been blocked, hopefully this should make our servers go a bit faster again. If you are missing emails and searched your Spam-folder, please contact us with the sender info (such as the sender email), by creating a Support-ticket.
2024-03-05
Upgrading of our server. We have to upgrade our servers due to a potential future security risk. We have not had any successfull attacks against our servers yet, but if we don't do this upgrade now, we might be in the risk zone in a near future. We will post the time here when it's done. See the UTC time here: https://time.is/UTC expect it to take anywhere between 2-7 hours. You will not lose any emails, they will come bounce back into your Inbox, when the servers are up and running. Server ugrade start time: 12.20 (UTC).
We are sorry for any inconvenience this maintenance may cause, but 'better safe than sorry'!
Important! The server may be online for a while during this period, so if you are writing any longer emails we suggest you use copy and paste to save the email on your own computer (until the servers are done), but you can also save it in the email Drafts-folder, saving it in the Email Drafts folder is also a secure alternative.
2024-03-03
Fixed a temporarily problem with the secure forms function.
2024-02-28
Certifificate problem - if you still got a certificate problem, try restarting your web browser, if that does not help, restart your computer
2024-02-04 - 2024-02-10 (week 6 of 2024)
During this time period we are changing our supportsystem and upgrading some other things, so you may get a few seconds (up to maximum a few minutes) of 'downtime' at certain time periods when we are restarting some server modules. If any form of restart will take longer than 1 minute, we will inform about this on our homepage. Usually its best to check out the News-section (or this Changelog-page) to get the latest info. At the moment we do not plan to have any extended downtime period during this week. As we wrote earlier, the downtime periods are usually about a few seconds up to a few minutes.
2024-02-04
Fixed issues with some invitationscodes:
-Some old members was missing a few invitationcodes, the members who were affected got some extra invitationcodes (Settings/Preferences/Invitations)
Read more about invitationcodes here.
-Some types of email recipients could not be invited with an invitationcode, this has now been fixed!
2023-05-08
Fixed delivery problem with Gmail
2023-04-17
Fixed problem with expiring accounts and new invite-registrations
2023-03-31
Our servers have now been moved to a new data center. It took 1 hour longer than expected. We are sorry for this inconvenience.
If you still have problems, first try restarting your web browser, if that does not help, then please restart your computer.
2023-03-30 - 2023-03-31
From March 30 at 19.30 UTC/GMT+1 (20.30 CEST) we are moving our servers to a new data center that can handle longer power outages (if it happens).
Expect approximately 5 hours of downtime, so hopefully everything will be back online on March 31 approx. 00.30 UTC/GMT+1 (01.30 CEST)
2023-03-28
Power outages throughout several areas in our city, between approx. 17.00 - 19.30 (UTC+1/GMT+2/CEST). We can handle shorter power outages, but not +2 hours, so we are going to change our servers location. The new data center can handle longer power outages, if it happens.
2023-03-04
Fix problem with support site.
2023-03-01
Blocked several Spam attacks
2023-02-02
Fixed problem to pay with BTC
2022-12-07 - 09 (during the last 3-4 days)
We have blocked several thousands of Spam servers, which made our SMTP server slow. Sending outgoing emails should work faster now.
2022-11-03
Stopped a DDoS attack that started yesterday, which made our system slower.
2022-11-03
Changed certificate to a wildcard certificate (*.countermail.com). If you still have problems, try restarting your web browser.
2022-08-20
Fixed two bugs which was related from the upgrade on Aug 16.
1. Some Form-mail sending did not work properly (for users that use our secure Form feature). This is now fixed. The listening server port was wrong (old port), changed to the new correct internal port for PGP encryption.
2. Some unencrypted email was not encrypted in the Inbox by our server detection script. The detection script checks for unencrypted email for each user, if it finds any, then it encrypts it to the unique public pgp key for that specific user. This is now fixed, same solution here, wrong server listening port, changed to the new port that we use for internal PGP script encryption.
All these Port changes was permanently changed, so the same error will not happen again.
2022-08-16
One server failure. Working to restore it. *Fixed, this issue has been fixed. We also upgraded our firewall during the downtime.
2022-06-23
Changed the request limiter of SecureForms. Earlier you could only send a certain amount of SecureForms every 30 minutes. A request limit protection.
Earlier if you used different homepages sending Forms to the same premium account, you could reach the limit pretty early. Now the limiter is done per destination user/alias, so by using different aliases in the hidden field 'user', you can use the same premium account to receive Forms from several homepages without getting the error: 'Too many form requests!' too early. There is still a total limit per premium account, but that limit is higher, 60 incoming forms per 60 minutes.
2022-03-14
Fixed bug a bug that happened sometimes to the last alias you added. Under Settings / Public Keys / Click on your own key and button [Edit keyring].
The last aliases was not visible to add/remove from the keyring. When you add/remove aliases from the keyring, make sure you wait an extra 30-45 seconds.
You will see when it's ready because the page will reload automatically.
2022-02-21
Fixed link corruption problem in some encrypted emails. Sometimes, If you clicked on a link inside an encrypted HTML email, the link would not always follow the new web standard. This has been corrected.
2021-11-09
Fixed a temporary problem with bitcoin payments.
2021-10-27
Here is more info about the DDoS attack, it was several email providers that was hit by the same group:
https://therecord.media/ddos-attacks-hit-multiple-email-providers
2021-10-26
Some members got the 'Session expired message', this has now been fixed. If you still got this message you may need to reboot your computer.
2021-10-24
We had a large DDoS-attack today between 18.15 to 01.15 CEST (UTC/GMT+2). We have now changed DNS provider to have better protection against DDoS-attacks (overloading attacks).
2021-10-07
We had a DDoS-attack between 15.00 to 20.30 CEST (UTC/GMT+2) today (overload-attack), we found no other dangerous issues for our accounts.
2021-07-12
We have to perform a maintenance update at 12.00 CEST (UTC/GMT+2) which takes approx. 45-60 minutes. It's a few kernel upgrades, which requires a server reboot afterwards.
Edit: the downtime was shorter, approx 20 minutes (12.40-13.00)
Edit2 : Some user experienced problems with outgoing emails afterwards, we did some additional changes on 19.30, which should have fixed the last issue that some users had with outgoing emails.
2020-06-22
Some HTML emails which contained invalid links or images would not display or link correctly. We have now improved the HTML sanitizing filter to fix incorrect links. This error was caused if the external sender did not create a proper HTML email.
2021-05-11
Tuesday morning:
Access problems from some countries. Our automatic domain renewal was delayed because our company card was wrongfully blocked (by a bank), however that was solved earlier today/early morning. But the DNS-cache seems to be very different depending on which DNS-server the customer (vistors) are using, it also depends on the internet service provider DNS servers. So while it works perfectly from some countries, it still shows an 'Expired domain page' for some visitors! If you have this problem the only thing you can do is to wait, or try restarting your computer and/or internet router, to speed up your own DNS-cache removal.
Tuesday evening: Everything should work for all users, if you still have problems, you need to reboot your computer and/or your Internet router. There are many devices that may cache DNS requests. A DNS-request is a request for which IP-address a specific domain name should connect/resolve to.
Some users was not affected at all, while some users got the Empty domain page (or a page that said Domain expired)
We are sorry for this inconvenience.
2021-05-04
We are still working with the new permanent decryption feature, it works fine for email without attachments, but it must also work for emails with attachments, so we will not release that feature until it works 100%. We will continue with it during Tuesday. This feature will not require Thunderbird or any other application. Until it's ready you can use our webmail interface to read encrypted emails.
2021-05-03
Fixed Chat server Error: 'Peer Certificate has expired. Unable to generate new chat account'. Under Settings / Security & Keys -> Chat Settings, [Generate new]-button. The XMPP chat server is now using Let's Encrypt certificate(s).
2021-05-02
We are working with a new Decryption feature which the email account owner could initiate, so it will decrypt All or the selected folders. This feature could only be started/initiated from our webmail interface, and we can not initiate this process by ourselves, the user have to start this, since we don't have access to either the private key or the password. We will update our Changelog and send out an email when it's ready, it should be finished within the next 24 hours*. So hopefully late evening on Monday (CET time), or no later than Tuesday.
2021-04-29
Updated FAQ for permanent decryption for emails and moving emails locally OR to another account.
Edit: The FAQ above is good if you want to decrypt and then copy or move emails, locally or to another account, but we are also working with feature that can decrypt emails inplace, instead of moving them.
2021-04-27
We removed an old database that was used for the old webmail interface. The old webmail interface was deleted 4 years ago. A few old members which had disabled the plaintext Encryption in the old interface, and never changed anything in the new interface's Security & Keys page (during these 4 years) got their email encrypted. Read more in this FAQ. We recommend to store the emails in encrypted format, however we are going to enable the possiblity to permanently decrypt encrypted emails, if you still need them unencrypted. If you use a computer its easy to install Thunderbird and import your private key to be able to decrypt/encrypt emails. Mobile devices can use the app K9 for Android and the app Canarymail for iOS to be able to decrypt/encrypt PGP emails.
2021-04-14
We have to do a Kernel upgrade due to a security risk found in the Linux Kernel. No breach or leak happened, none of our servers are directly accessible to the internet, only our OpenBSD Firewall (which is not affected), still we want to make sure we have the latest Kernel. And a Kernel upgrade requires a reboot. After the reboot we have to make sure everything works, so it will be approx. 45 minutes downtime between: 2021-04-14 05:00 CET - 2021-04-14 05:45 CET
We are sorry for any inconvenience this maintenance may cause, but 'better safe than sorry'.
2021-04-12
Updated one of our FAQ that describes some reasons and solutions for Session problems (in the webmail interface): https://support.countermail.com/kb/faq.php?id=40
2021-03-16
At approx. 04.40 GMT+1 (early morning in Sweden) we have to do a reboot on all servers, for a firmware upgrade and a DNS change, the downtime will be anywhere between 5-15 minutes, you may also need to flush your computers DNS. Usually it's enough with a web browser reboot, but may need to reboot your computer to flush your DNS cache.
2021-03-05
Outgoing emails was not delivered for a period. Between 09.30-14.30 GMT+1. The new firmware in the Firewall had a new setting that caused this if you changed the hostname for a machine behind the firewall. Incoming external email was not affected by this issue. We are sorry for this problem.
2021-03-04
Improved the Secure Forms feature. We added a whitelist possibility for your own server. You can read more on the link below about the Secure-Forms feature:
https://countermail.com/?p=secure_forms
2021-02-24
We have around 130 MB of different emails that we are going to sort (and move) to the correct recipient, we will create a script for this so its done automatically.
2021-02-23
At round 23.00 GMT +1: Most of the email and feaures was working
We have found a server made by another manufacturer, we are working to get that server going so you can get access to your email today.
Some general info: Its hard for smaller companies to withstand a full blown government attack combined with a bug from the server manufacturer. At least we have our hands clean, we have never get paid or sponsored by any authorities/government, this is more than many other secure email providers can say. As we wrote earlier, those premium users who were affected will get between 3 months up to 12 months of free premium time as compensation, it depends on what subscription you had and how long you have been a member. But your account reg.date must be at least 1 year old.
2021-02-21 - 2021-02-22
Info 20:00 GMT+1 : It was a combination of normal overload attacks and a Manufacturer bug (in the firmware), the firmware is closed source, so we could not have foreseen this. If someone know a good open-source Firmware provider, let us know, we may reward you if the source code is something we can use in our servers. Unfortunately the two servers affected by the firmware bug was two of our firewalls, so therefore it affected many servers behind our Firewalls, since you (the end user) could not get the response from any server behind the firewalls. We are of course working hard with a solution, and hopefully it will be ready within a few hours. At the same time we will try to move away some other servers from the same manufacturer. We will give some compensation to all premium members that was affected by this downtime.
Info 05:45 GMT+1 : Some users still have problem logging in, so we are continuing searching for more factors, it might be a combination of the manufacturer-bug and some overload/DDoS attacks.
Info 03:45 GMT +1 : It should work for more users now, and we out found what happened, it was a bug in the Server firmware (a source code that the manufacturer creates and uses to handle and control the settings and behaviour of the server). The bug result was that the server "hanged" after we did a normal quick reboot (in 2021), so it only happened if the reboot was done after the year 2021, not earlier. We will post more info about this strange bug. We did not find any security holes with this bug, only that the server hanged after a reboot, so everthing looks like a stupid human coding error from the manufacturer (SuperMicro)! We are now going to migrate away the last servers we have from this manufacturer. We had already started to migrate away from this manufacturer _before_ this bug happened! but now we will speed up this process! That's for sure. We will only keep some GPU-cluster computers from this manufacturer, because they are very expensive and they do not affect any user or sensitive operations, same with the older servers, we keep them as test servers only.
Info 22.20 GMT +1 : Some users still have problems, we are investigating why, and we are working 100% to solve this issue as soon as we can.
Info 20:30 GMT +1 : Everything should work now. We are still investigating if it was a power failure or some DDoS attack.
Info 16:40 GMT+1 : Temporarily power failure(?) for our firewall server. We will update this news section when we got more info, and hopefully an estimated time to a solution.
2021-02-14
-We increased our security for phishing links. It now gives a warning when clicking on links that look similar to our domain, or links that is blacklisted in our own database. The database is not new but we increased it with many new top level domains.
-We fixed a potential XSS bug when users was clicking on external links AND if the email was a special crafted HTML email. Even if it was not possible to steal info from other users, all XSS-bugs should be handled ASAP, before someone finds a way to enhance them into a real threat. This potential XSS bug was found by a bug hunter and will therefore be rewarded. We are a small company so the rewards can not compare with for example; Facebook, but it could be anywhere within $50 to $2000. Using Acunetix or similar security software will most likely only cause a permanent user ban, because the software are more like a DDoS tool, than a security tool. At least it was like that two years ago when we tested it...
2021-02-08
Fixed a minor bug in our Secure Forms feature. If a webshop or homepage received more than 20 form-posts in less than 30 minutes, you could get this error:
'Too many form requests from client! Client is blocked for 30 minutes'. This should only happen if the client is bruteforcing or trying too many times with incorrect user-field. If the Form-request/Form-order was correct, the Bruteforce protection was not reset, so you could get the protection message too early. If you receive a correct Form-request, the limit is 60 forms per hour, for example one Form-order every minute, during the _same_ hour. Which should be enough for most webshops and homepages. A valid Form-order/Form-request now resets the Bruteforce protection, as it should do. You can read more on the link below about the Secure-Forms feature: https://countermail.com/?p=secure_forms
2020-12-02
-Updated our XMPP server, new version and a new TLS-certificate
Fingerprints:
SHA-256 = 74:4E:5D:AC:57:A5:14:2C:A3:F5:EF:94:09:14:D6:5B:61:F9:A6:08:8E:0C:24:01:50:5B:A9:CF:DA:36:C9:32
SHA-1 = B1:5E:17:70:D6:C1:1D:CE:0F:6D:E4:38:A3:7F:FB:E0:14:F8:8F:9F
-Added more Domain spelling corrections, to minimize risk of sending email to the wrong domain.
Read more below under the date 2020-11-23.
We are wondering if we should simply rename this security feature to: '[x] Enable drunk & tired spelling protection' instead ? :)
2020-11-23
We have added a security feature to spell check common domain names. This is done to prevent potentially serious information leaks.
When you compose/send/reply a new mail the domains of all recipients are checked against common domain names. This is done to warn you if you misspelled some domain, which could potentielly stop sensitive info going to the wrong recipient. There are also hackers that register domains that looks very similar to the real ones, which makes this threat even more real. As far as we know, we are the first email provider with this type of human error protection! (we protect approx. the 10 most common spelling errors per domain).
At the moment we have added protection for these domains:
Countermail.com
Cmail.nu (our secondary domain)
Hotmail.com
Protonmail.com
Yahoo.com
iCloud.com
Gmail.com
Live.com
Outlook.com
So normal human misspellings will be detected by our script, and give you a warning, and also ask you if you want to correct the spelling error.
The list of domains above will most likely increase. It could save you a lot of headache and serious damage BEFORE you may send sensitive info to the wrong domain/recipient. That is why we added this feature. It's enabled by default for all accounts, but you can Disable it under Settings / Preferences / Security & Keys, and the setting is called 'When sending emails, show warning if the domain looks misspelled for a recipient' [x]
2020-11-04
-Fixed links problem. Sometimes Internet links (HTTP/HTTPS) inside an HTML email could be malformed when sending to external emails.
2020-11-02
-If you still see the closed Registration page, then reload the page or restart your web browser, then you will see the correct registration page.
-Trial accounts now works for 10 days (earlier it was 7 days)
-Fixed some minor graphical issues on the registration page (reload/refresh required)
2020-11-01
The registration now requires an invitation code.
Read more here: https://support.countermail.com/kb/faq.php?id=258
2020-10-31
We are now changing our registration, an invitation code will be required. The new registration will be ready between Friday 30 Oct and Sunday 1 Nov.
[Edit 2020-11-01]: The creation of the invite codes took a little bit longer than we expected. They are based on SHA256 so it requires some CPU resources from the server.
Read more here: https://support.countermail.com/kb/faq.php?id=258
2020-10-29
Corrected some links in our own Changelog, it's further down on this page, scroll down to the date: 2020-02-28
It's some worrying information about Protonmail, but as we wrote then, we don't know what is true or false in their case, we can only verify two pages:
1. Their own Transparency page
2. The fact that few of the Protonmail developers are using Protonmail...
But we will not speculate anymore about this, you have to make your own conclusions (on the things we wrote in 2020-02-28).
2020-10-28
We changed our Terms of Use a little bit. The change is done in section #4. If you are using your account mainly for SEO or marketing you will be violating our Terms of Use. Read them here: https://countermail.com/?p=terms
2020-10-27
We have opened the registration again - The invitation code is not needed yet. But we may add that requirement soon. First we want to try another type of detection mechanism. Accounts registrated using some type of Bot will be closed after a random time. We use a random closure time so it's not possible to determine if we detected the type of registration. The random time will be beetween 1-60 days. All Multiple account registrations which then is abused in any way, will also be closed after this random time. Normal users will not be affected by this.
If you still see the closed Registration page, then reload the page or restart your web browser, then you will see the correct registration page.
2020-10-06
We have started working on an invitation code system. Every premium member will get at least two invitation codes. The premium member can give away the code to anyone they know. One reason for this is to prevent robots (autoregistration) programs, but also to stop Spammers and bad Marketing people. Normal marketing is when you send out email to your own customers that have registered on your own site. Bad Marketing (which basically is Spam) is when you send out a mass-email to email addresses that you bought OR that you collected by yourself on Internet, and where there recipient has not 'opted-in' for your emails.
2020-10-04
The normal user registration is closed down. Domain owners can register domain-user as usual through the domain panel. We can't say a date when we open up the normal user registration. At the moment we have to focus on our current users.
2020-09-18
We are working on a new feature that will make it able to send encrypted message to anyone even if they dont use PGP. No App-installation is required.
Messages can also be self-destructable. See this picture for more info
2020-09-17
TutaNota having problems. It's not on our side.
2020-08-06
We have now managed to block most of all overloading attacks against us. Since May 2020 we have been attacked (with overloading attacks like DDoS and DNS-exhaust) from computers from Argentina (and from some other countries, but mainly from Argentina). The attack-computers were mostly registered to the Argentinian government itself. In many news articles they say that Argentina (or their main Telecom Company) were hacked in July. But in fact it was much earlier, mostly in April. Because in early May they started a phishing attack against US-citizens. When one of their victims contacted us with proof, we closed down their mail account. Then the attack started against us! 90-95% was from Argentinian computers. What is more disturbing is the fact that the Government & the Telecom company have not done much to stop this. In 3 months all normal goverments/IT-sections would have been able to find the hacked computers and stop and clean them, but they have not done much at all. This indicates that they have someone inside the Argentinian government or inside the Telecom company. There are also other things that indicates that this is not a normal 'hack', but we will not reveal all that we know, we are sure they had help from people from the inside. The people who helped with the 'hack' will of course get paid for it, from the hackers...
Some articles about the 'hacked' Argentina:
https://www.globalsign.com/en/blog/ransomware-attackers-demand-millions-telecom-argentina
https://www.zdnet.com/article/ransomware-gang-demands-7-5-million-from-argentinian-isp/
https://news.bitcoin.com/telecom-argentina-s-a-hit-by-major-ransomware-attack-criminals-demand-7-5m-worth-of-monero/
https://twitter.com/krugermacro/status/1284642410258214914
https://twitter.com/GuyWithAMask4
2020-08-05
-Message false flagged as Spam, from Wed evening from 19.00 GMT+1. Many messages was flagged as Spam, by a filter error. This has been corrected. But it has created a outgoing queue, so it will take several minutes, up to an hour before the whole quese has been delivered. You don't need to resend the email unless you get a bounce back email, an error email telling you that it could not be delivered. Otherwise do not send the same email again.
2020-07-26
Updated our server-side spam filter. We are constantly upgrading our spam filter to keep Spam emails away from your Inbox, but also to minimize false positive flagged emails. In this case some whitelisting rules did not work, we have now changed some settings so the users own whitelisting should work better.
2020-07-06
Fixed bugs:
-XMPP server, some standard upgrades and later a server restart, after that the XMPP server did not start. It was caused by MariaDB server suddenly forced the XMPP server to use a special TimeZone setting, instead of only giving a warning, the OpenFire did not start at all, which is pretty crazy for a small upgrade. Fixed now.
-Payment page. Added more Bitcoin addresses
-Domain Panel. Could not add more than 15 aliases/idenitites even with the domain option activated. Fixed
-Settings / Identities, could not add Identities under other domains than Countermail.com
The last two was temporarily caused by our work in enabling IDN domains. At the moment, we can manually add IDN domains, if someone is really using it (homepage is needed as proof)
2020-04-04
Some people still think the upgrade is going on. It was finished yesterday on 21.20 (GMT+1). You need to Reload/Refresh the page (or press F5) if you still don't see the normal login page. Keep in mind, whatever problem you have on a computer/device, it's always best to try to restart the Application you are using, or if that does not help, restart the computer/device. This is a general advise for all sorts of IT-problems :)
Regarding Corona/Covid-19, it's going to take along time to stop this disease, below are some of the best advices:
https://www.cdc.gov/coronavirus/2019-ncov/need-extra-precautions/get-ready.html
Worst case scenario; what happens if all of our staff get sick?, well the system can run by itself for a long time, the only thing done manually is WireTransfer payments and answering support questions. Card payments and Bitcoin payments are made automatically. Regarding support, you can also find most answers in our FAQ: https://support.countermail.com
2020-04-03
The upgrade is finished. It took 20 minutes more than expected, so the downtime was 19.30-21.20 (GMT+1)
2020-04-02
On Friday April 3rd between 19.30-21.00 GMT+1, we have to do firmware upgrades on several servers, it will take approx. 1h 45 minutes. This means that you will not be able to login during these hours.
2020-03-01 (16:05 UTC+1)
Most of the upgrade is done. Some performance tweaking is still left to do, but we have opened up everything.
2020-03-01
We have to upgrade and reboot one network device between approx. 13.00 - 16.00 (UTC+1) on March 1st. We also have to replace one harddisk. The expected downtime is 3 hour, but we can't say the exact time.
2020-02-29
We have to upgrade and reboot one network device between approx. 13.00 - 16.00 (UTC+1) on March 1st. The expected downtime is maximum 3 hours
2020-02-28
Some worrying Information about Protonmail. We rarely talk about our competitors, but we thought we had to inform you about some strange rumors & facts about ProtonMail.com. Some of this information is verified, but other things are not, and things that are not verified should be considered as rumors only.
[Edited in October 2020]: So far, we have verified two things:
1. Their own Transparency page, where they confirm that they can monitor the IP addresses on their own users
The information below was quite surprising to us, the source for the quoted text below is from their own homepage. We also saved a screen shot...
Here is a Quote from their own homepage:
...In addition to the items listed in our privacy policy, in extreme criminal cases, ProtonMail may also be obligated to monitor the IP addresses which are being used to access the ProtonMail accounts which are engaged in criminal activities.
Countermail do not have to store or monitor our users IP addresses, we do not have such functions built in so we can not do it. You can read more here about Countermail's security and 'Transparency'.
If you are going to to change to a secure email provider, ask the provider how they store and protect the private key. There are very few providers who store the private key both encrypted & anonymously, as we do. With Countermail, all premium users also have the option to delete the private key completely from our database. However, that action is not really necessary anymore, at least not since since Aug 2017.
2. The fact that few of the Protonmail developers are using Protonmail
This seems to be true and verified, see the info on the specific page below:
https://privacy-watchdog.io/protonmail-devs-do-not-use-protonmail/
Below is another link about ProtonMail, we are not responsible for the page below, in this case we don't know what is true or false, or not:
https://privacy-watchdog.io/protonmails-creation-with-cia-nsa/
2020-02-22
We had to change our TLS Certificate today (you can find our new fingerprints here)
We are sorry for the downtime today, due to the certificate update. The following servers was upgraded on-the-fly:
-Apache (webserver for 'webmail.countermail.com')
-Apache (webserver 'countermail.com')
-Support-system (handles 'support.countermail.com')
-Postfix (SMTP-server, handles outgoing emails)
-Dovecot (IMAP-server, handles incoming emails)
All of the above servers was upgraded pretty fast, less than 10 minutes, we had expected a total time of 15-20 minutes.
The last step was to upgrade our Firewalls with the new certificate, and it was this step that took significantly more time than we expected...
One reason is that the Firewalls are not a 'normal' Linux server, they are based on a special version of FreeBSD. All our other servers are based on CentOS (RedHat).
Another reason was that it's time to completely disable TLS v1.1, earlier we had modified the cipher-list to still be able to run TLS 1.1 (and upwards).
But it is a balance act, if we disable too many ciphers, we may lose emails from older servers that are trying to email us! You can read more here about TLS 1.1 security issues.
Anyway, we had to find a way to disable TLS 1.1 in our Firewalls. Anyway, it's done now and we now have that A+ rating on SSL Labs again. Keep in mind that you may need to restart your web browser once, if you still have some certificate problems!
We are really sorry for the delay in the certificate change, but it will not happen again, the maximum time for such operation should be no more than 5-10 minutes, actually it should go even faster, just a reboot for each server application. We will try to compensate with some new features soon;
-encrypted calendar
-passwordbased email, which could be sent to anyone, they don't need PGP
-self destructing emails, which also could be sent to anyone, they don't need PGP.
-better mobile support
The source code for the above features is almost complete (95% done)
Another thing: Our own Forum/Board, several members want to have a place to discuss security related issues, and also helping each other solving problems. But also to discuss normal things that happens in the world, but the main focus with the forum should be IT-security. This sounds like a good idea, there are many free opensource forums out there, and if we place the forum on its own server then there will be no risk that a hacker gets hold of sensitive data. IF we start a discussion forum we need help from some veteran members as Moderators/Administrators, to keep the forum 'clean'.
2020-02-15
We found the reason that some users get the 'Session expired!' error, even though they have not changed IP-address since the login.
It seems like the problem only occurs if you have a slower connection OR if your connection is congested/loaded with a lot of other internet traffic. A third reason could be if you are located on the other side of the planet* which make the response time slower. This problem should now have been fixed, you may need to restart your web browser once.
*Our main server is located in Sweden.
2020-02-07
If you get the error 'Invalid session!' or 'Session expired!, it could be caused by the following reasons:
1. Your IP-address changed since you logged in. This is deliberately done to prevent session hijacking and increase the security.
2. You right-clicked on a link/button and selected 'Open link in new tab' (inside our webmail interface). If you click normally on links or buttons you should not get this type of session problem.
3. You are already logged in with a Countermail-user in another tab
4. Your web browser setting blocked our webmail to set the localStorage variable
We are going to create a testpage that will help us find the reason for each user that have this problem. We are also going to add a more detailed error message to locate when/where this happens.
2020-02-01
Fixed two composing bugs:
1. If you Composed an empty email (no content in the body) but with one attachment, it was not possible to send the email. This is now fixed.
2. If you Composed an email and added a recipient in the Bcc:-field, sometimes you got an error message saying that it was not possible to send the anonymous email to the Bcc-recipient, this error would only come up if the Bcc-recipient had an older type of Public key. It will now work regardless if the Public key type is new or old.
2020-01-28
Some special HTML emails could be very slow to open, or even make the web browser 'freeze'. We have improved the HTML sanitizing filter to prevent this and to speed up the HTML email viewing process.
2020-01-27
We made some changes to minimize the 'Invalid session!' or 'Session expired!' issues. We have now changed the way we store the local keys in the web browser. Earlier we used 'sessionStorage' but we have now changed to 'localStorage'. You can read more here (and also here) about the differences. The main difference is that you need to click on Logout to be 100% sure that the localStorage is deleted. Clicking the Logout button when you are done reading emails is not too much to ask for :)
You can still get the 'Invalid session!' message, but you can only get that problem in two different ways:
1. Your IP-address changed since you logged in. This is deliberately done to prevent session hijacking and increase the security
2. You right-clicked on a link/button and selected 'Open link in new tab'. If you click normally on links or buttons you should not get any session problems.
If you want to Compose or Reply to messages in a new Window, you can change the default setting under Setting / Displaying messages and Settings / Composing messages.
2020-01-07
Updated the card payment routine to comply with the SCA regulations. Hopefully this will make is possible to pay with more types of cards.
2019-11-26
Upgraded the SSL/TLS-certificate on our XMPP server (chat server).
2019-11-17
Fixed HTML email viewing problem. Some encrypted HTML emails could look empty if the sender styled the HTML email with the CSS tag '@import'. When we display HTML emails we have a security filter which removes some dangerous HTML/CSS tags. This filter could sometimes remove too much CSS if the sender used the '@import' tag.
2019-11-16
-Fixed Print mail issue. In our webmail interface under the 'More'-button menu, you have the 'Print this message' function. This function opens up a new window and you get a Print-dialog (to select Printer etc.). Sometimes the Print-dialog did not appear if the email was encrypted. We have now added a small delay so the email get more time to decrypt before the Print-dialog will appear.
-Updated our server-side spam filter. We are constantly upgrading our spam filter to keep Spam emails away from your Inbox, but also to minimize false positive flagged emails. If you still get valid (non-Spam) emails in your Spam/Junk-folder, you should create a Whitelist filter for the sender domains that you want to flag as valid. See this FAQ: https://support.countermail.com/kb/faq.php?id=156
2019-11-04
-Started updating pages with the words 'alias' and 'aliases'. In our new webmail, the alias-feature is called Identity. So 'identity' and 'identities' refers to the old term 'alias' and 'aliases'. For example, 'Domain identity' = was previously called 'Domain alias'
-Updated the Public keys Settings-page. If you have deleted the private key from our server, we have added a delay page so you don't miss to Download the updated Private key. This will only happen if you edit Identities in your keyring (under Settings / Public Keys, clicking the button 'Edit keyring').
2019-11-03
Changed our Terms of Use. You can read them here: https://countermail.com/?p=terms
2019-10-14
Emergency upgrade. One of our servers has a defect hardware part. We have to shutdown the server during the replacement. It will take approx. 30-45 minutes. Between 13.15-14.00 UTC+2
Update: The downtime was 20 minutes, between 13.17-13.37 UTC+2
2019-10-11
Fixed Base64 decoding problem. Some non-UTF-8 emails could sometimes fail to decode, so the email body looked empty.
2019-09-30
Fixed clickable links problem. In the last month, some links that contained mixed uppercase and lowercase letters would not work. It would only redirect to the lowercase location. For example, this link:
'https://example.com/LinkUrL' would link to 'https://example.com/linkurl'.
2019-09-09
Changed the expiration warning email to 14 days. You will be notified by email of a pending expiration 14 days before your account expires. A second email will be sent to you 7 days before the expire date. If it's less than 5 days left, you will get a daily warning.
2019-09-04
Closed down the registration of NEW accounts. Members that already have an account will not be affected. Premium members with their own domain option can still register domain accounts in the Domain Panel.
The reason that we closed the registration is because of the amount of abuse with the free Trial accounts. We will open the registration when we found a solution to limit the free accounts even further. We can not say a date when we have found a solution for the free accounts.
2019-08-09
Fixed attachments issues on MacOS and on iOS devices. PGP/MIME encrypted attachments was not possible to Download/View due to recent changes in MacOS and iOS (most Safari-based web browsers). Other web browsers like Firefox did not have this problem.
2019-05-03
Improved the the HTML filter. Some types of HTML emails could be slow to display in the web browser. We have now improved our HTML display-filter so these HTML emails should display faster.
2019-04-26
Changed free Trial accounts limitations, less restrictions and more storage space. Read more here.
2019-04-26
The problem with Unread emails that was marked as Read after server encryption has now been solved.
2019-04-25
Unread email problems. We currently have a problem where some emails have been flagged as Read, even though they are Unread. This is not a security breach, it's one of our encryption scripts on our server that fails to set the correct flag after the email has been encrypted. This issue will be solved within the next 24h.
2019-04-13
Upgrading of our support server is finished
2019-04-11
We are currently upgrading our support server. During this time you can email to support@countermail.com for support questions.
2019-03-14
-Fixed some issues with iOS/Apple emails. Some emails that was sent (unencrypted) from iOS or Apple Mail could sometimes appear blank, this happened after they had been server encrypted, but only if the email contained HTML text or attachments and the user had selected PGP/MIME as server encryption method.
2019-03-08
-Fixed UTF-8 decoding problem in PGP/MIME emails. Some characters in some PGP/MIME emails was not displayed correctly.
-Changed free Trial accounts limitations. These accounts can now send email to other secure email providers and VPN providers. Earlier these accounts could only send email to Countermail domains
-Changed storage space for premium accounts. The default storage space is now 4 GB.
2019-02-19
-Fixed double spacing when replying HTML
If you replied to a PGP/MIME encrypted HTML email, you got double line spacing in the reply. This has been fixed to single line spacing.
2019-02-01
Changed default compose-encryption to PGP/MIME.
We changed our default encryption method to PGP/MIME because it works much better on mobile devices. It's the K9-app on Android and Canarymail-app on iOS (iPhone). You can change the methods under Settings / Preferences /Security & Keys, 'Server encryption method for unencrypted emails' and 'Encryption method for composing email'. PGP/MIME encrypted emails got a padlock as the symbol for encryption method.
2019-01-28
-Fixed problem with inline-attachments in PGP/MIME emails
Some inline-attachments would not display correctly in PGP/MIME encrypted emails
-Fixed problem with Bcc:-attachments.
If someone sent you an encrypted PGP-attachment where you were listed as a Bcc:-recipient, the attachment could fail with the message: 'Error: could not decrypt file'.
2019-01-27
Fixed some issues with PGP/MIME emails:
-Mail attachments sent from iOS/Apple mail could sometimes fail to decrypt
-Mail attachments with long filenames could sometimes get a blank filename
-Multipart PGP/MIME emails, for example an email with multiple plain/text bodies, did not display all parts correctly
2019-01-25
-Fixed problem with some third party script-generated emails.
Some servers use scripts to generate & send email to our server. Some of these script-generated emails could not be read in our webmail client, for example 'Formscape'. This has now been fixed.
2019-01-23
New SSL certificate. Click here to see the latest hashsums and certificates.
2018-12-20
-Completed full support for PGP/MIME
You can now send messages in PGP/MIME format instead of PGP-inline. PGP/MIME works better on mobile devices.
We recommend that you change to PGP/MIME. Go to Settings / Preferences / Security & Keys.
In the setting "Encryption method for unencrypted emails" select "PGP/inline for text, PGP/MIME for HTML & attachments"
In the setting "PGP method" select "PGP/MIME"
Click on the Save-button.
-Better handling for attachments
If you use Firefox or Chrome you can now select multiple attachment files in one go. You can now click Forward on any encrypted email with attachments, and the attachments will first decrypt and then added to the new Compose window. Attachments will now be uploaded only when you click Send, this means that you can change recipients as you wish during the composition, the attachment does not need to be removed or uploaded again
2018-10-10
-Fixed problem when sending unencrypted and signed emails (signed-only emails)
-Improved attachment handling when forwarding attachments
-GUI improvements for 2FA-login
2018-09-25
We have now lowered our prices and also increased our storage space for all premium subscriptions! Read more here.
Older premium members will automatically get the extra storage space within the next 48 hours.
2018-09-02
Fixed bug when adding an alias to your public key. If you added an alias to your public key (keyring) you might have to redo that. This bug has been present from Aug 14th until Sept 2nd. If you have not added any alias to your public key during this time, you don't have to do anything.
Adding an alias to the public key is a manual action that you do under Settings / Public Keys,
click on your own username in the Public Keys column, then click on the button 'Edit aliases in keyring' in the right window. Select all the aliases that you want to be visible & searchable in your public key by clicking in the checkboxes.
If you added an alias to your public key (between Aug 14th - Sept 2nd), the public key was modified correctly but the new alias was not searchable (people could not find the public key for that specific alias). To fix this you have to redo the process, some users may have to first delete the alias from the public key, save it and log out. Then login and add the alias to the keyring again.
2018-08-08
We have to perform maintenance between 23.00 CET (GMT+2) Aug 8 to 01.00 CET (GMT+2) Aug 9th. The expected downtime is two hours. We are going to replace some of our servers. We are sorry for any inconvenience this maintenance will cause you.
2018-07-31
Fixed login problem after a password change or USB activation. This problem only occured if the mobile TwoFactor Login was activated before the password change/USB activation.
2018-07-30
Updated our XMPP chat server
2018-06-20
-Fixed decryption/verification bug. Some emails did not decrypt correctly.
-Added warning message if the senders digital signature key could not be found
2018-06-13
-Fixed bug when editing/opening Drafts with attachments
-Fixed bug when sending encrypted email to a new contact, it was not possible to send encrypted to a new contact (Public key was not found)
2018-06-12
Several minor updates and improvements, some of them:
-On the login page, warn user if they selected the wrong private key (only for users that already deleted their private key from our server)
-Added support for Two Factor Authentication (our own mobile app for iOS and Android) and support for TOTP Two Factor (Google Authenticator)
-Updated the HTML compose editor - TINYMCE - to the latest version (several bugfixes)
-Updated many icon-images (better quality)
-Fixed some HTML parsing errors (when viewing HTML emails)
2018-05-16
Added support for Forward-encrypted-attachments, for both PGP-inline and PGP/MIME attachments.
2018-05-12
The DNS problem should now be solved.
2018-05-12
We have a DNS problem, we are looking into this issue.
2018-03-18
-Fixed bug when sending encrypted email to Bcc-recipients, the Bcc-recipients could not decrypt the message
-Added support to view double encrypted HTML emails (if the email was corrupted when the sender composed it)
-Fixed bug when replying to PGP/MIME encrypted HTML emails. The reply could sometimes contain HTML tags
2018-03-13
Our datacenter had a internet connection problem between 15.14 - 15-24. Server was down for 10 minutes.
2018-02-23
-Added setting interface for and Email Notifications. Under Settings/Preferences/Email Notifications.
-Added setting interface for Secure Forms. Under Settings/Preferences/Secure Forms. If you already use the old Secure Forms, you need to change the POST action URL to https://webmail.countermail.com/forms/cm_form.php
2018-02-22
-Fixed some decoding problems for PGP/MIME encrypted emails
2018-02-08
Updated XMPP chat server. New host name: xmpp.countermail.com. XMPP username and password can be found/generated under Settings / Preferences / Security & Keys -> Chat settings (only for paid accounts).
2017-01-27
-Added the feature 'Delete private key'. Under Settings / Preferences / Security & Keys.
2017-01-25
-Added a white skin - change skin under Settings / Preferences / User interface
2017-01-24
New SSL certificate. Click here to see the latest hashsums and certificates.
2018-01-19
-Fixed Firefox 57.x logout problem - if you did a forced refresh of a page, you could sometimes get logged out
-Fixed attachment problems when the filename contained UTF-8 characters
-Changed default behaviour for email headers (From, Subject & Date) - always display these headers when opening an email
-Added Auto-add-recipients feature - automatically add new recipients to your Contacts. When sending new emails, it will check if the recipient is included in your Contacts. This feature can be enabled/disabled under Settings / Security & Keys -> [x] Auto add recipients to addressbook
-Added PGP/MIME viewing - when reading PGP/MIME encrypted email, it will now display the full email and attachments
2017-12-27
-Changed default HTML line spacing when composing HTML emails
2017-12-14
-Fixed some minor graphical bugs when displaying HTML emails in the new webmail interface
-Changed default setting when reading/opening emails, it will now display both the email address and the name in the upper header-fields (From: & To:)
2017-12-12
-Fixed problem when saving encrypted Drafts
2017-12-10
-Fixed decryption of some special emails with with multiple text-bodies, the last part was not decrypted in some cases.
2017-12-09
-Fixed wrong BTC currency rate. We had wrong currency rate conversion between Thursday 7 Dec and Saturday 9 Dec. We will contact all customers who paid with wrong currency rate.
2017-12-08
-Fixed some graphical bugs with thread-views in the new webmail interface
2017-12-02
-Fixed Upload file attachment problem, caused by yesterdays Internet Explorer 11 fix. We strongly recommend to NOT using IE11. We recommend using Chrome, Firefox, Safari or Microsoft Edge. Internet Explorer is very slow with encrypt/decrypt operations, compared to all other web browsers.
2017-12-01
The old webmail interface will be taken offline. If you have Contacts or Safebox-records in the old interface, you should export them and import them into the new webmail interface. We will keep the old webmail data for many days, so it will still be possible to Export/Import afterwards.
-Added Public-key alias modification in the new webmail interface, under Settings -> Public Keys. Click on your own key (green color), then click on the button called [Edit aliases in keyring].
-Fixed Safebox import confusion. To be able to import an old safebox-file you must first login to your Safebox, we have now added an alert warning to inform about this.
-Fixed Internet Explorer 11 problems with Safebox and Public keys
2017-11-23
-Fixed corrupted links; sometimes when you replied to an email which includes links, the links could get corrupted in the reply.
-Added decryption of emails with multiple text-bodies; some email clients create emails with multiple bodies, earlier we only decrypted the first body, now it should decrypt all text-bodies.
-Changed many things to increase the speed in the interface
2017-11-12
-Added setting in new webmail interface:
'[x] Show warning if public key was not found for a recipient' under Settrings / Preferences / Security & Keys. This will enable/disable the public key warning that you get if you send an email to some recipient which don't have any public PGP-key.
2017-11-02
-Added Domain Panel in new webmail interface, under Settings.
2017-10-29
-Fixed registration problems in Safari.
2017-10-22
-Added USB activation function in the new webmail interface. Under Settings / Preferences / Security & Keys
2017-10-15
-Added Safebox feature - available under under Settings. To import old Safebox entries; login to the old interface and Export the old Safebox. You can then import the old safebox file into the new Safebox.
-Fixed attachment decryption problems, some attachments did not decrypt correctly
-Fixed corrupt HTML emails, some HTML emails was not displayed correctly
-Several minor skin changes
2017-09-26
-Added 'Add/Remove' identities (aliases) function in new webmail interface
2017-09-25
See this FAQ how to import the old contacts into the new webmail interface:
https://support.countermail.com/kb/faq.php?id=249
2017-09-24
-Fixed Public/Private keys export-format for Windows, some PGP-application do not handle new lines correctly, added workaround for this
-Fixed Attachments problems in Internet Explorer
-Added Change password-function in new webmail interface
2017-09-05
New payment URL : https://webmail.countermail.com/payment/index.php
2017-09-01
We have to perform maintenance on Sept 2nd between 00.00-03.00 GMT+1. This means that you will not be able to login during these hours.
2017-08-30
We have a new registration page here: https://webmail.countermail.com/register/index.php
2017-08-27
Some users had login issues and decryption problems in the new webmail, these issues has now been resolved. We will continue to add functions which are still missing in the new interface:
-Import of SafeBox
-Import of Contacts
-PGP/MIME decryption
-Domain aliases
-White theme/look
-Detailed account info with import/export of PGP keys
-New Sign-up page
2017-08-24
We have now opened up the new webmail system on https://webmail.countermail.com.
If you miss some emails in your Inbox, which may have arrived today after 19.00 (GMT+1), they will be transferred automatically to your account during this night
2017-08-23
On Thursday the 24th, between 19.00-22.00 CET (GMT+1) our webmail system will be offline. We are going to move over to the new webmail version.
2017-08-13
The migration script that processes all users is still running, it takes a bit longer than we expected, hopefully the export and import of all users will be ready within the next 24 hours. When this process is done we will open up the new webmail version.
2017-08-11
We have started the migration of all users to the new platform, it will take up to 24 hours before all users have been transferred to the new system.
2017-08-06
Today we had some problems with the new webmail version, we will continue the upgrade on Monday Aug 7th.
2017-08-02
A new webmail version will be released in the first week of August. Some users will get access on Aug 4th, others will get access later in the week. This new version does not require java, only Javascript. It should also work in web browsers for mobile devices.
.....
Older Changelog events between 2010-2017 has been removed (taken offline). This was the time period when we used Java as encryption engine. Today we use Javascript with the app from https://openpgpjs.org/
.....
|