Announcements and Updates – Page 4

DNS over HTTPS and TLS

Post author By Seth
Post date February 21, 2021

We’ve recently enabled DNS over HTTPS (DoH) and DNS over TLS on our resolvers for our customers (IPv4 and IPv6).

For DNS over HTTPS (DoH) use:

https://dns.rollernet.us/dns-query

For DNS over TLS use:

tls://dns.rollernet.us

Our DNS servers validate DNSSEC (queries will be answered with SERVFAIL in case of bogus data). If you have trouble resolving DNS that appears to work with sites that are not DNSSEC-aware, check it with the DNSViz tool: https://dnsviz.net

Our DNS servers will only respond to queries from our network (users on Roller Network IP addresses). If you are a peer or downstream customer with your own address space, please contact us to add your IP addresses to our “allow” list. For public service we recommend Quad9. Quad9 is globally anycasted including a local peer in Reno, NV at TahoeIX. For more information visit: https://www.quad9.net

Announcements

New Site

Post author By Seth
Post date February 10, 2021

New website. Same content. Less pictures (for now but we’ll work on that, maybe). We have redirects for all the old URIs we know of, but let us know if something is broken.

Changes Status

SSL/TLS Changes

Post author By Seth
Post date January 7, 2021

We’re going to start turning off TLSv1.0 and TLSv1.1 per best current practices (BCP 195), and start working on updates to add support for TLSv1.3. Our account control center is first. Other services will be changed as we work on configs or other updates for both web and mail services.

As of early 2020, support for TLS 1.0 and TLSv1.1 has been removed in current versions of major browsers. For more information about the depreciation of TLS1.0/1.1 see: https://blog.qualys.com/product-tech/2018/11/19/grade-change-for-tls-1-0-and-tls-1-1-protocols

We’re also changing our ACME client for Let’s Encrypt certificates. We started out using certbot, however certbot is moving to an app store framework (Snap) for future updates and we don’t want to install such things on our servers. So we searched for an alternative ACME client that we liked and settled on dehydrated. For more information on dehydrated visit them on github at: https://github.com/dehydrated-io/dehydrated

Announcements Changes

Peering at SFMIX

Post author By Seth
Post date August 28, 2020

Now peering at SFMIX in the San Francisco “Silicon Valley” region of California. Roller Network has an open peering policy and we are happy to peer with networks of any size. We’re also on the route servers.

Announcements Changes Status

SquirrelMail End of Life Notice

Post author By Seth
Post date August 25, 2020

Since the very beginning of our hosted mail service, SquirrelMail was there as a webmail option. It’s served thousands of users well, but the time has come where we need to declare SquirrelMail end of life (EOL) and no longer supported. SquirrelMail has not been actively developed for several years, and incompatibility with other upgrades we will be making across our system is very likely.

As an EOL service, we will no longer test changes for compatibility with SquirrelMail. Although the basic email functions of SquirrelMail will continue to function, any broken additional features in SquirrelMail will be removed or disabled.

We understand the desire for a simple webmail interface still exists in our customer base and we will be looking at replacement options. In the meantime, please plan to migrate your webmail needs to RoundCube at: https://webmail.rollernet.us/roundcube

SquirrelMail will be shut down on December 31, 2020.