# MXroute :: Beta Announcement



## jarland (Dec 7, 2013)

Hi everyone!

I would like to announce my latest project and seek a few beta testers.

I've been planning out this new product for a while, and I am announcing the first beta stage of MXroute. MXroute is an e-mail hosting service. You bring your domain, you let us handle the server and the security. I'm not promising to be the next LavaBit, but more importantly I'm promising not to be the next gmail. I'm not looking to parse your e-mails for ad targeting. Hell, I'm not looking to parse your e-mails. Don't get an IP blacklisted and I won't have a reason to.

MXroute is it's own product, in partnership with Catalyst Host. All billing and support is currently handled through Catalyst Host.

I need three testers. I cannot tell you when beta will end, what the pricing structure will be, or what will be offered to you at the end of the beta period. As such I recommend using this for e-mail that is not mission critical. While I have no intent of taking it offline or making it something you cannot keep at the end of the beta period, I make no guarantees.

You can get in on this by making an order at mxroute.com.


Full disclosure: This is a partial return of myself to Catalyst Host. While I cannot be involved in any shared, VPS, or dedicated hosting with Catalyst, I am partnering with Catalyst to run this service. Blurred lines? Absolutely. Shady? Not intended to be. Ryan and myself will always be found working on something together. It's always been that way, I suspect it will always be.


----------



## drmike (Dec 7, 2013)

Congrats on the new project!

Care to elaborate a bit about what is so fabulous about what you cobbled together?

Web based interface for it?   IMAP, POP3, SMTP?


----------



## jarland (Dec 7, 2013)

drmike said:


> Congrats on the new project!
> 
> Care to elaborate a bit about what is so fabulous about what you cobbled together?
> 
> Web based interface for it?   IMAP, POP3, SMTP?


Roundcube, IMAP, SMTP. Slightly custom (more coming) Vesta interface. WHMCS integration customized by Ryan. Right now it isn't much to look at, but gotta get make sure we have the basics down as well as we think we do before we start implementing the more fun features I've got in mind


----------



## drmike (Dec 7, 2013)

^--- sounds nice/interesting.  Thanks for the info. 

Fun features... oh do tell when ready.


----------



## NodeBytes (Dec 7, 2013)

Signed up, would love to check this out/give feedback.


----------



## jarland (Dec 7, 2013)

NodeBytes said:


> Signed up, would love to check this out/give feedback.


Provision error #1 

Haha. Ryan is checking it out. He's the WHMCS integration master here. It's quite a bit of customization to force it to do e-mail domains only.


----------



## NodeBytes (Dec 7, 2013)

First thing, when you go to the actual mail interface it is not https.


----------



## jarland (Dec 7, 2013)

NodeBytes said:


> First thing, when you go to the actual mail interface it is not https.


Good call. There is a self signed cert there. Later today I'll make sure it directs to https. I'll have a cert signed by a trusted authority soon as well, just not too worried about it at first test phase.


----------



## jarland (Dec 7, 2013)

SSL installed. Webmail link forced to https. Two browsers and cache cleared in each, https link isn't working for me. Ryan says it works. I quit for the "night"


----------



## blergh (Dec 7, 2013)

Needs DNSSEC +DKIM!


----------



## spry (Dec 7, 2013)

Nice project, jarland. Congrats.

 

Mind asking. What types of security will be in place?


----------



## Kadar (Dec 7, 2013)

Darn it looks like its gone. If you open up to more testers let me know I would like to give it a try


----------



## ryanarp (Dec 7, 2013)

Looks like we only had 2, So I added another, I must have reduced stock when I was trying to test provisioning. With "free" account it wasn't auto provisioning at all.


----------



## jarland (Dec 7, 2013)

blergh said:


> Needs DNSSEC +DKIM!


Good thoughts!



CloudOtto said:


> Nice project, jarland. Congrats.
> 
> 
> 
> Mind asking. What types of security will be in place?


Currently plan is that security will not be so strong as to eliminate the required layer of trust between the user and myself. Consider your security to be that of a strong shared hosting provider. A lot of people give shared hosting providers hell, but considering the size and value of their databases, the big guys so rarely face actual intrusions. The reason being that solid security really is easy.


What you can count on me to do is be thorough in creating a narrow path for myself for administrator access, evaluate logs daily, and to test any known methods of exploit on relevant software.

I value data privacy. I am angry at the NSA. That said, I'm not really a threat to them. I can't control what happens when it hits upstream. If they get a warrant and pull a server, they won't have much trouble getting what they want. While I'd like to address this in the future, I don't know if it's my strong point, and I want to make sure I can provide the basics as well as I think I can first.


----------



## blergh (Dec 7, 2013)

jarland said:


> Good thoughts!


Great! Let me know if you need a hand with it, i'd be happy to help.


----------



## wlanboy (Dec 7, 2013)

Nice project.

One thing about the SPF rule:


SPF RECORD (TXT): "v=spf1 include:mxroute.com -all"

This would be enough:


v=spf1 mx -all

Because all mx records are included and I do have to add one (*MX RECORD:* mxroute.com).


----------



## jarland (Dec 7, 2013)

wlanboy said:


> Nice project.
> 
> One thing about the SPF rule:
> 
> ...


Good call


----------



## wlanboy (Dec 7, 2013)

And for Thunderbird users:

Add cnames for imap.domain.com and smtp.domain.com pointing mxroute.com too.


----------



## sleddog (Dec 7, 2013)

Be sure to add support for autodiscover (Outlook) and autoconfig (Thunderbird et al.). I finally got these figured out yesterday so now I'm an expert


----------



## HostUS-Alexander (Dec 7, 2013)

Just ordered (I already have a VPS From Catalysthost) and MaxMind rejected my order.

Very weird, i have never been rejected from any host before lol.


----------



## ryanarp (Dec 7, 2013)

Lol that is a bad max mind. I will look into that.


Order processed and I found the check box to skip fraud check for people with active service.


----------



## jarland (Dec 7, 2013)

sleddog said:


> Be sure to add support for autodiscover (Outlook) and autoconfig (Thunderbird et al.). I finally got these figured out yesterday so now I'm an expert


Funny you should mention that. We were just talking about that


----------



## jarland (Dec 7, 2013)

If anyone notices a private cert loading anywhere let me know. Comodo SSL should be on exim, dovecot, and nginx.


----------



## jarland (Dec 7, 2013)

If anyone wants to follow the progression of this or have any input on the development of MXroute, I've set up a forum for the beta, just so I'm not having to send out e-mails or post here for updates.

http://mxroute.com/forum

This is your Google Apps replacement, so join in the development


----------



## wlanboy (Dec 10, 2013)

I like the service and all important settings are made:



Thunderbird -> mxroute: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)



```
mxroute -> my server: TLSv1:CAMELLIA256-SHA:256
```



```
DKIM-Signature: v=1; a=rsa-sha256; for mxroute.com
```

Catchall email: /dev/null
Only things to complain about:


The new layout does have two "Launch Webmail" buttons.
The buttons for list accounts, add account, edit, delete, are not visible.


----------



## jarland (Dec 10, 2013)

wlanboy said:


> I like the service and all important settings are made:
> 
> 
> 
> ...



Good call! Fixed. No more editing templates until I've had my nap.


----------



## ihatetonyy (Dec 10, 2013)

This looks really nice. Any plans for 15-20 account plans in the future; and, if so, how much do you think they'd run?

(Also, I tried to get in on a freebie account and CloudFlare dicked me over and blocked me.)


----------



## jarland (Dec 10, 2013)

ihatetonyy said:


> This looks really nice. Any plans for 15-20 account plans in the future; and, if so, how much do you think they'd run?
> 
> 
> (Also, I tried to get in on a freebie account and CloudFlare dicked me over and blocked me.)


Ha Cloudflare blocked me too. Gotta get Ryan to look at that. Definitely more plans coming


----------

