December 10, 2010

New http://m., http://old., http://beta. and http://ssl. site prefixes

Historical

Rob Mueller

Founder & CTO

We’ve created a set of new domains for users to use to enable/test various features. These new prefixes should be added to the front what whichever domain you use. For instance instead of http://www.fastmail.fm, you can use http://m.fastmail.fm,
http://old.fastmail.fm, http://beta.fastmail.fm and
http://ssl.fastmail.fm. This also applies to all FastMail domains,
such http://m.eml.cc, http://old.myfastmail.com, http://beta.sent.com, etc.

Force the mobile web interface via http://m.

FastMail will attempt to detect if you’re using a mobile device, and display a mobile optimised version of the site if it detects that to be the case (eg Opera Mini, Opera Mobile, iPhone, etc). However it’s not possible to detect all devices, or in some cases the detection may be incorrect.

By using the http://m. prefix (eg http://m.fastmail.fm), this will force the mobile version of the site to be displayed.

Note that this is separate to the WAP version of the site, which is a very simple interface optimised for extremely low end phones that only have a WAP browser, which is different to a web browser. We generally don’t recommend the WAP site. For most low end phones we recommend using Opera Mini and the mobile http://m.fastmail.fm site.

Use the old web interface via http://old.

As mentioned the other day, we’re moving the old web interface from http://www.fastmail.fm/old/ to http://old.fastmail.fm.

The old web interface is deprecated. No more development or updates are being made to it. Features will be progressively disabled where they conflict with new changes (eg database changes, IMAP server changes, etc). We highly recommend users of the old web interface switch to the new interface. The improved search and keyboard shortcuts alone are a huge productivity improvement.

Sometime soon we’ll also be removing the user web interface preference, so that to login to the old web interface you will have to use http://old.fastmail.fm, using http://www.fastmail.fm will always
login to the new interface. We’ll be letting users of the old web interface know about that change shortly.

Use the beta web interface via http://beta.

The beta interface is where we test new features before rolling them out to production. We try and keep the beta interface stable, but we definitely don’t guarantee it. It may have serious bugs that cause downtime and/or email loss. If you like living on the bleeding edge you can use it, but for general day to day usage we don’t recommend it.

Previously the beta server lived at http://www.fastmail.fm/beta/ but is moving to http://beta.fastmail.fm.

Force redirect to https:// (SSL encrypted) version of the site via http://ssl.

FastMail supports over 100 different domains for users to signup at, as well as thousands of hosted domains for users, families and businesses. Unfortunately because of the way SSL encryption works, you need a separate SSL certificate for every domain (yes, there are some exceptions to this such as wildcards and SANs, but the general rule applies). It would be prohibitively expensive to buy SSL certificates for every domain we support.

Instead whenever we want to secure a connection, we redirect a user to our https://www.fastmail.fm domain. However this can be a little confusing users if we immediately do this when they go to our other addresses like http://eml.cc, http://sent.com, etc, so over the years we’ve built a slightly complex set of rules.

When you first enter a domain in your browser (eg http://eml.cc), we don’t redirect. However if you click “Secure Login”, we will replace the target of the post request to https://www.fastmail.fm so the content (eg your username and password) is encrypted.

At that point, we also set a cookie at the eml.cc domain, so the next time you go to http://eml.cc, it automatically redirects immediately to https://www.fastmail.fm so everything is immediately encrypted. This was done because the default login button (eg “Secure Login” or “Login”) used to be set depending on if you were at an https:// or http:// domain respectively. If you clicked “Secure Login”, we assumed you wanted “Secure Login” to be the default next time. This isn’t as relevant now that “Secure Login” is always the default, but it’s still good practice to redirect to the secure site immediately.

To add to these issues is the way usernames and domains interact. If you have an account bob@eml.cc, then if you go to http://eml.cc, you can login with just the username “bob”. However if you go to http://www.fastmail.fm, you would have to login with the full name
“bob@eml.cc”. Note that this works even if a redirect occurs. That is, if you go to http://eml.cc and you’re redirected to https://www.fastmail.fm because of a previous “Secure Login” you did,
you can still login with just “bob”, FastMail remembers the “original” domain you arrived on.

However this doesn’t help with users that use public terminals a lot. There won’t be a redirect cookie to go to the secure site by default. To help users with non @fastmail.fm addresses who are security conscious, we’ve add http://ssl. prefixes to all sites (eg. http://ssl.eml.cc) which causes an immediate redirect to https://www.fastmail.fm while remembering the original domain.

This is a small tweak, but useful for some people that are security conscious.