Postmark

Posted by Comments

We’ve been spending the last two days auditing and responding to the OpenSSL vulnerability that’s known as Heartbleed. This bug is notable because it is widespread (around 70% of the Internet uses Apache and Nginx, and by extension, OpenSSL) and can cause disclosure of sensitive data, including private keys and passwords. The issue has been assigned the following CVE identifier: CVE-2014-0160.

On Tuesday, April 8th, our initial action was to promptly begin applying security updates as they became available for the varying types of systems we use. As a precaution, we also cleared all logged in sessions for all accounts and users, this required everyone to login again.

We’ve audited our systems and currently have no indications of any unauthorized access, however as a precaution, we rekeyed and reissued all of our SSL certificates.

Out of an abundance of precaution, we do recommend resetting your password. Also, you can reset your API key. It’s easy in Postmark, go to your Server > Credentials tab > Generate a new Key.

We know this is affecting an incredible amount of apps and websites, many run by our own customers. If we can help you based on our own knowledge, please get in touch. And of course, if you have any concerns, please email support.

Posted by Comments

Today we released an improvement to our date selector for the stats overview chart. We realized that some filter names were confusing, and others were missing.

The purpose of the filter is to get you the data you want to see quickly. Instead of having to choose a start and end date, you can just click “Last 7 days” and view that time span instantly.

Date range selector

The changes include:

  • Last month is now called Previous Month. This will display the last calendar month.
  • Last week is now called Previous Week. This will display the last calendar week, Monday through Sunday.
  • Added: This Month. Shows the current calendar month.
  • Added: This Week. This shows the current week, starting with Monday.

You’ll still be able to select a specific timeframe at the bottom of the selector. Hopefully this is more clear and helps get you the data you need, faster.

Posted by Comments

This is an update to our earlier reported queueing of emails.

At around 10:50am EST our datacenter was doing some IP address mapping on our entire environment (Beanstalk, Postmark and dploy.io). Unfortunately, they set the wrong IP mappings, which caused Postmark to send emails from an IP that is not intended for sending mass emails.

For about 40 minutes, Postmark used an IP that does not have the reputation for sending large volume of transactional emails, which meant that email delivery was negatively affected. As soon as we realized the issue we put Postmark offline so that we wouldn’t continue to send using the wrong IP. You will see bounces for emails that were rejected by ISPs. Sadly, we can’t resend those emails programmatically, but you can send them again.

We’re working on getting everyone reimbursed for those emails that were sent in that amount of time. We’re running a query now and we’re going to add them back for everyone today.

We can’t know for sure what emails were accepted and which weren’t, and we’re extremely sorry for that. We’re working with our datacenter team to figure out how that could have happened and make sure it never, ever happens again.

I’m sorry, we’re so disappointed this happened.

Posted by Comments

Bounces are a big part of troubleshooting delivery issues. We provide our customers a lot of information about bounces:

  • We provide a specific bounce type so that there is a specific reason the bounce occurred.
  • We provide the full bounce message, exactly what our servers receive.
  • We store bounced messages forever because of their value in troubleshooting.

When we detect a Hard Bounce or a Spam Complaint for a particular address, we will deactivate the address. This helps us keep delivery rates high as it gives Postmark a good reputation with ISPs. It also helps our customers so that credits are not spent to send email to addresses that don’t exist. However, it becomes a problem when we incorrectly parse a bounce as a Hard Bounce. Then a legitimate user’s address is deactivated and won’t receive emails.

I’ll describe the recent efforts Postmark has put into reworking our bounce processing and categorization so that our customers have the best deliverability we can provide.

Continue reading…

Posted by Comments

Today we released an update to Postmark that will be a big help to our SMTP customers. Tags are now officially supported just like in the API!

What are tags?

Adding tags to your messages let you categorize them for sorting and searching later. You can search your Postmark activity feed by tag, allowing you to find messages faster. In addition, with our upcoming open tracking, tags will allow you to segment campaign statistics.

image

In the example above, the user added the product-orders tag to order emails to their customers. They may use a different tag for password resets or confirmation messages to make the messages easier to search later on.

Searching for Messages by Tag

Since you added tags to help categorize your messages, it would make sense that you could search by them, right? Enter the Messages API! Using a GET Messages API call and filtering by tag will show messages which include that tag.

GET http://api.postmarkapp.com/messages/outbound?offset=0&count=10&tag=product-orders

{
    "TotalCount": 1,
    "Messages": [
        {
            "Tag": "product-orders",
            "MessageID": "33560647-52ab-40de-92a-jfkdjk89ac08",
            "To": [
                {
                    "Email": "user@example.com",
                    "Name": ""
                }
            ],
            "Cc": [],
            "Bcc": [],
            "Recipients": [
                "user@example.com"
            ],
            "ReceivedAt": "2014-02-14T11:14:25.5323963-05:00",
            "From": "\"Order Fulfillment\" <orders@yourcompany›.com>",
            "Subject": "Parts Order #5454",
            "Attachments": []
        }
    ]
}

Now that tags are fully supported in SMTP, we think it will be a big help to keep your messages organized!

Posted by Comments

Some of the most frequent feature requests we get have to do with adding more API endpoints to further automate the Postmark experience. Today I’m happy to announce that we’ve added not one, but two new API endpoints to make automating your Postmark experience even easier!

Continue reading…

Posted by Comments

From time to time our customers email us asking to troubleshoot delivery issues to an ISP (Gmail, Yahoo, etc). The steps to troubleshoot the problem are usually the same no matter what the cause. I’d like to share a few tips so you can do this any time you run into an issue.

In most cases, delivery issues come up for three reasons: Infrastructure, Sending Practices and Content.

Continue reading…

Posted by Comments

We regularly add servers to our infrastructure to improve performance and reliability, or when machines need to be replaced. Without a good process, adding new machines to production can be a scary experience. Documentation can be outdated, a human can skip a step in a checklist or a different version of a library can be installed. Using Chef allows us to add new servers confidently and quickly.

Chef is a tool that automates configuration, installing packages and almost anything you can think of. We’ve been using Chef for a while for Linux automation, but Chef also has great Windows support. As Postmark is comprised of both Linux and Windows servers, it wasn’t too hard to extend our Chef coverage to Windows to make adding new Windows servers that much easier.

Chef has a lot of features and it can be hard to discover all of them on your own. The following is a list of Chef features on Windows that we’ve found useful.

Continue reading…

Posted by Comments

This morning while running a database update Postmark had a major outage, which lasted about four hours. It’s by far one of the longest outages we’ve ever had since we launched in 2010. I’d like to explain what happened and what was affected.

Continue reading…