Most of you know that web addresses beginning with "https" use secure connections. The original protocol name for those secure connections was Secure Sockets Layer (SSL). Over the years, that has evolved into Transport Layer Security (TLS). Many people still call it SSL even though all versions of SSL are obsolete.

TLS and SSL represent a family of protocols, and each protocol has several variations. When your web browser contacts a server using TLS, the browser sends a list of protocols and variations that it supports. The server picks the best combination that it also supports. All of that happens in an instant, and the web browser and the server begin their secure conversation.

We have recently made a few enhancements related to TLS for all AcceptIO-hosted web sites, including AcceptIO.com. If you control or influence the operation of any other web sites, we encourage you to do the same things.

Over the years, many protocol versions and variations have become obsolete, either  because they had technical problems or because of discoveries of weaknesses in encryption algorithms. We have changed the AcceptIO web server configuration so that it no longer supports those obsolete versions. (For the technically inclined, that means the server will not support protocols older than TLS 1.2, we don't support low-security algorithms, and we specifically disallow some encryption families that have known weaknesses.)

All connections to all AcceptIO-hosted web sites is now secure. If you connect using an "http" web address, the server will automatically redirect you to the equivalent "https" web address. This is part of a world-wide movement to secure all web connections on the Internet. 

We have switched to using security certificates from the non-profit Let's Encrypt project. Those certificates are trusted by recent versions of all popular web browsers. We took the opportunity to use a matching certificate for all AcceptIO-hosted web sites. Previously, all of those sites used the AcceptIO.com certificate, which meant that web browsers gave warnings about mis-matched server names. You should not see any certificate warnings in your browser now.

The last few weeks of 2014 brought about a pretty dramatic increase in arriving spam. Like us, you probably saw your share of fake Fedex delivery problem notices, fake Amazon bonus coupons, and the usual assortment of quack medicines for diabetes and ED cures. One of the characteristics of the recent rising tide is that it seems to be exploiting previously captured lists of email addresses from security breaches at places like Adobe.

If too much spam is making it to your inbox, you might like to consider tuning your settings related to spam scoring. You can read about in the article Spam Scoring and Actions. If you are using the suffixing feature to create different email addresses for different sites, you can use our email filtering feature to block specific email addresses. For example, if you are using the email address "This email address is being protected from spambots. You need JavaScript enabled to view it." with Adobe's site, but you are now getting a ton of spam for that address, you can do something about it with the following recipe:

  • If you still might be getting legitimate email from that web site, make up a new suffixed address, like "This email address is being protected from spambots. You need JavaScript enabled to view it.".
  • Go to that web site and change your contact email address to the new one.
  • Use email filtering to reject messages to the original address.

We don't have an automated process for setting up email filtering, but our happy and cheerful AcceptIO elves will be happy to cheerfully do it for you manually if you tell us what emails address suffixes you want blocked.

Until September 2011, the AcceptIO.com web site had a fairly simple look. Things at least look a lot nicer since then compared to a while back. At this time, we don't have a whole lot more content on the site, but we have converted it so that it's managed by a web content management system (CMS) called Joomla! (the exclamation point is their idea, not ours). As part of the recent site maintenance, we took the opportunity to upgrade to the latest version.

As part of the recent site maintenance, we upgraded Roundcube to the latest release, from 1.4.2 to 1.4.3. If you are interested in what has changed, you can view the detailed CHANGELOG.

If you have been using Roundcube, we think you will find this upgrade to have many small but pleasant changes. If you have not used Roundcube or haven't used it for a while, we suggest you give it a try. In either case, it is probably worthwhile to browse through the settings menu to configure things to your personal tastes.

One new feature that is especially noteworthy is the ability to use Roundcube as your email client for resolving "mailto:" links in web pages. You'll often find the URL behind an email address to be of the "mailto:" variety. If you want to open Roundcube for such things, log on to Roundcube and go to Settings > Preferences > User Interface. At the bottom of the page, you will find a link with the text "Register protocol handler for mailto: links". Use of this does depend on your using a mainstream browser with JavaScript enabled.

You can connect to Roundcube via links from the AcceptIO.com web site or directly via https://www.acceptio.com/rc. We did not write Roundcube; we merely installed and configured a local copy. Roundcube is open source, and the official web site for it is http://www.roundcube.net (they won't know anything about AcceptIO or our local installation).

If you have questions or comments about the local installation of Roundcube, please contact AcceptIO support at This email address is being protected from spambots. You need JavaScript enabled to view it.

We recently made some changes that are intended to improve things when doing a full text search of email messages.

   
© 2009-2020 AcceptIO. All Rights Reserved.
Site Terms and Conditions of Use
feed-image RSS Feed for This Page