Summary: mail.blacknight.com is moving to a new end point that will support the latest and greatest TLS protocol, 1.3. We will support TLS 1.0, 1.1, 1.2 and 1.3 initially. This is in order to ensure minimum disruption to customers. In the future we will remove support for 1.0 to 1.1 and support 1.2 and 1.3 only.
What does this mean for me?: When we make the change it’s possible that your email client may give an certificate warning. This should be fine to ignore/accept. We have tested most modern clients in a simulated switch over scenario and they all work fine. Our newest webmail client at https://webmail.blacknight.com/ has been using this endpoint since inception many months ago.
When: On Tuesday 14/11 @ 08:30am Irish time (08:30 UTC). The A record for mail.blacknight.com will be changed to the new IP. We will change the “Blacknight branded” records later this once this beds in.
There should be nothing for anyone to change in their email client for this change.
Update: 14:30 14/11: This change was made at 08:30 but had to be rolled back due to some initial scaling issues. After a number of additional nodes were added, configuration tweaks were completed by lunch time we made the change again at 13:30. This has worked fine and we shall be leaving this as is for now.
N.B. direct access to 81.17.254.9 will be restricted in the coming weeks. We note that there appears to be direct traffic bypassing our DNS going to this IP. This will only continue to work in the short term.