NOTE: Please bookmark this page for system status information.
This server is not located in the main data center.

Server time: Sun Apr 23, 15:40:29 UTC +0000

2016-12-21: 08:03 UTC     Account Manager and Some Webmail Down

A critical system failure has taken the Account Manager offline, and some webmail services (such as the mobile web clients) are also affected.

ETA for a fix is 12 hours.

2016-10-06: 20:01 UTC     Hurricane Matthew

Hurricane Matthew, currently a Category 4 hurricane, is approaching Miami which is where our primary server operation is located. Our data center is designed to handle Category 5 hurricanes, however there remains a risk of a service outage depending on the damage to the city caused by the storm. Please check here for updates.

UPDATE 2016-10-06 23:32 UTC

The storm has passed Miami without incident.

2016-10-05: 08:50 UTC     Email delays for some customers

A hardware problem with one of our mail clusters caused email delivery to be delayed for up to 45 minutes for some of our customers. The affected period is 2016-10-05 08:00 UTC to 2016-10-05 09:00 UTC (04:00 EDT to 05:00 EDT).

2016-04-09: 18:16 UTC     New * certificate


MD5 Fingerprint:

SHA1 Fingerprint:

SHA256 Fingerprint:

2016-04-09: 15:17 UTC     * certificate problem

Please bear with us as we work to resolve a certificate security issue that may be causing "invalid certificate" warnings when trying to receive or send email. ETA for a fix is about two hours as of this message. Note that incoming email is not affected.

In the meantime, you can use to access your email via webmail.

You may also accept the old certificate and continue to connect to the server as per normal if your client software is reporting this certificate fingerprint:

UPDATE 2016-04-09 1:30 EDT (17:30 UTC)
Problem has been resolved.

2015-12-16: 06:18 UTC     Service disruption on 2015-12-15 due to Level3 Outage

A router failure on Level3's network yesterday (2015-12-15) caused intermittent service outages for some Tuffmail users, especially those on the East coast of the United States. The outage period lasted from between 18:18 GMT and 19:20 GMT (1:18pm EST and 2:20pm EST). Some Tuffmail users report having lost connectivity to the IMAP/POP and SMTP servers, as well as to webmail and the Account Manager, for 15-20 minutes within that outage window.

More information here:

2015-12-12: 04:23 UTC     Network congestion/service interruptions

We're investigating a networking-related problem that is causing intermittent service interruptions. We're working to resolve the situation and will post updates.

UPDATE 2015-12-12 2:46AM EST

The problem has been resolved - all services are back to normal.

2015-01-20: 10:47 UTC     Network congestion/service interruptions

Our upstream network provider is experiencing extremely high network loads, causing intermittent interruptions to all Tuffmail services. The issue is under active investigation and we expect a resolution within 1-2 hours. We thank you for your patience.

UPDATE 2014-01-20 8:15AM EST

The situation has been resolved. The duration of the service interruption lasted from approximately 5:25AM EST to 7:25AM EST.

UPDATE 2014-01-20 10:00AM EST

The problem has returned. One of our network providers is currently experiencing a major denial of service attack that is overwhelming their routers. Some customers will experience intermittent service disruptions in the form of slow or broken connections. Please stand by while we address the issue.

UPDATE 2014-01-20 1:25PM EST

All services should now be accessible and connections should be stable, however data transfer rates might be slower than normal, which would appear as slow email loading times and messages remaining in your outbox longer than usual.

2014-09-26: 19:26 UTC     Statement on Shellshock

Shellshock is the name given to a security vulnerability in the bash (Bourne-again shell) command-line interepreter that provides a simple pathway for a remote attacker to execute arbitrary commands on an affected machine.

None of the servers in our primary data center have the bash interpreter installed and as such they aren't vulnerable to this exploit. These are the systems that handle inbound email, IMAP/POP, SMTP, LDAP, ManageSieve, and webmail.

The VPS instances that we do use (for the main website and for this status page) don't have bash as the default shell and we're certain that they weren't exploitable. Regardless, these instances were immediately patched when we learned of the vulnerability on Wednesday.

2014-05-17: 19:09 UTC     Tuffmail website / webmail clients

The main website and the webmail clients are offline due to a hardware failure. Please use while we work to resolve the situation.

2014-04-10: 20:37 UTC     Statement on Heartbleed

The older OpenSSL version we use for our production services isn't vulnerable to the Heartbleed bug, and so no customer data could have been captured from our systems using this exploit.

You can test our vulnerability to Heartbleed by using this tool: (Try,

2014-04-09: 05:00 UTC     New * Certificate

A new RapidSSL certificate was installed for websites and SMTP/IMAP/POP3/LDAP/MANAGESIEVE services.

Certificate fingerprints:
SHA1: 6F:F0:30:B6:31:6B:61:8E:2B:5F:F7:8F:B6:3F:73:D5:B8:5B:18:B3
MD5: 84:12:EF:B3:22:C1:A4:B0:1C:B3:3C:EA:CA:CE:33:CE

Page delivered in 0.061878 seconds, 54 files included