Skip to end of metadata
Go to start of metadata

The mailbox.org servers are located at two separate locations in Berlin. We have secure physical access to each of these locations. Our Internet lines follow different routing paths and are owned by different providers. High capacity, large data volumes, short routing paths: When selecting our locations, the most important criterion, apart from ensuring that the given locations fall under German jurisdiction, was the quality, not the price. This means that biometric access controls, power supply with multiple physical redundancy, cooling systems, and continuous system monitoring are integral to the international standards upheld in our data centers.

mailbox.org IP addresses appear as if they are in Ukraine

We have received a number of reports that some antivirus programs show that the IP addresses of our servers appear to come from Ukraine. We are currently looking into this issue, but we have not yet determined the reason for this incorrect information. Our systems are located in Berlin, Germany, and our IP addresses are legally registered to us, the owner, in Germany. We have nothing do with any Ukrainian IP addresses; this information is incorrect.

No Ping/traceroute for mailbox.org?

Informed users will have noticed that the mailbox.org servers cannot be reached via Ping or traceroute.

traceroute to mailbox.org (80.241.60.194), 64 hops max, 52 byte packets
[...]
4 92.79.213.138 (92.79.213.138) 29.428 ms 33.902 ms 38.099 ms
5 ve3405.bbr1.ams1.nl.inetbone.net (195.69.144.155) 28.209 ms 30.601 ms 30.988 ms
6 ve3001.car1-ber1.mesh.eu (213.203.213.76) 39.278 ms 41.699 ms 39.993 ms
7 gate-1.heinlein-hosting.de (87.119.196.100) 42.703 ms 44.108 ms 42.850 ms
8 * * *
9 * * *

Our firewalls are configured to prevent the disclosure of our internal network nodes. This is common practice within an organization and does not mean that the servers aren't working correctly.

Our outermost firewall (alias: gate-1/2.heinlein-hosting.de) is the last one visible from the internet.

Note: Our firewall may temporarily block suspicious requests

For us as server operators, deciding how to deal with client IP addresses that may be associated with suspicious activities is always a sensitive balancing act. Such activities include many login attempts using a wrong password, or a large number of unsuccessful connection attempts to our servers (e.g., targeting closed ports). The mailbox.org firewalls are configured to detect and react to such events. An IP will be blocked if there is any indication that someone may be trying out different passwords in order to get access to an account (a possible brute-force attack), or if there are many connection requests within a short amount of time, which could mean someone is trying to compromise our network security.

Unfortunately, the system is so sensitive that even a traceroute command could cause a temporary lock-out in some cases, where the IP address from which the request was sent will then be blocked by the firewall for about 15 minutes.

A blocked IP can also be due to some e-mail clients operating in “Auto-Mode“, where these programs try to guess our hostnames and inbox parameters during account setup. This may lead to a large number of unsuccessful connection attempts, and if the user then also mistyped their password, the resulting pattern can look to the firewall like an attack on the account.

In particular new users, who may be in the middle of configuring their client software for use with mailbox.org, may face a situation where they get locked out for 15 minutes if something went wrong during setup. We understand that such experiences can be annoying and confusing if one does not know what is going on. However, rest assured that if there is a problem, it will usually just be due to the way these automatic setup programs work. Any firewall problems will usually go away once the clients have been set up correctly.

Any IP that has been blocked automatically will also be unblocked automatically after about 15 minutes. We are aware that this is not an ideal solution and are making a constant effort to fine-tune firewall behaviour in order to find the right balance between convenience and security.