- Detected by Pingoru
- May 01, 2026, 04:52 PM UTC
- Resolved
- May 01, 2026, 03:00 PM UTC
- Duration
- —
Timeline · 1 update
-
resolved May 01, 2026, 04:52 PM UTC
This morning, a third-party package repository used by our virus scanning infrastructure experienced an outage following an attack on its systems. Because our virus scanning instances rely on this repository at startup to pull the latest files and configurations, affected instances were unable to start. This reduced the capacity of our virus-scanning cluster below demand. When a virus scan cannot complete, our system quarantines the email as a precaution. As a result, emails processed during this window were quarantined rather than delivered to inboxes. No emails were lost. Affected emails can be released from quarantine by users or admins. Resolution The virus scanning cluster has been reconfigured to pull packages directly from the source repository, eliminating the dependency on the third-party intermediary. Monitoring and alerting thresholds have also been updated to surface this class of issue more quickly in the future. The issue is fully resolved.
Read the full incident report →
- Detected by Pingoru
- Apr 08, 2026, 06:07 PM UTC
- Resolved
- Apr 08, 2026, 11:01 PM UTC
- Duration
- 4h 53m
Affected: CloudFilter and SafeSend Email Security
Timeline · 2 updates
-
monitoring Apr 08, 2026, 06:07 PM UTC
We have been made aware that emails sent from Google Workspace accounts via CloudFilter/SafeSend are failing intermittently. There may also be delays in delivering inbound email due to an issue Google is experiencing. If you have a domain affected by this incident, we recommend temporarily disabling the outbound mail routes for Gmail. You may check the status of Google's incident at https://support.cloud.google.com/portal/system-status?product=WORKSPACE&cssp=true
-
resolved Apr 08, 2026, 11:01 PM UTC
This incident has been resolved.
Read the full incident report →
- Detected by Pingoru
- Mar 26, 2026, 07:06 PM UTC
- Resolved
- Mar 26, 2026, 08:14 PM UTC
- Duration
- 1h 8m
Affected: Shield
Timeline · 3 updates
-
monitoring Mar 26, 2026, 07:06 PM UTC
An update to improve brand-related impersonation attacks was aggressively holding outgoing messages and sending inbound emails to the Junk E-mail folder. The update has been rolled back, and the held outgoing emails have been released. Emails delivered to the Junk E-mail folder must be moved out by users. The aggressive protection was active from approximately 2:00 PM ET to 3:00 PM ET.
-
monitoring Mar 26, 2026, 07:19 PM UTC
Emails that were delivered to the Jail due to the aggressive behavior of the update have been released. The emails may still end up in the Junk E-mail folder if the risk level is medium or low from a new sender.
-
resolved Mar 26, 2026, 08:14 PM UTC
An update released at approximately 2:00 PM ET today was designed to improve protection against brand impersonation. It behaved more aggressively than intended, holding and jailing legitimate emails, particularly those with signatures containing social media links. The update was rolled back at approximately 2:50 PM ET. This issue is resolved. Actions taken to remediate after rollback: - Inbound emails delivered to Junk have been reprocessed to ensure appropriate risk and moved to the Inbox. - Released jailed emails; they may still land in Junk if the sender is new or carries a medium risk level. - Outgoing emails that were held have been released. No action needed.
Read the full incident report →
- Detected by Pingoru
- Jan 22, 2026, 07:51 PM UTC
- Resolved
- Jan 23, 2026, 01:50 PM UTC
- Duration
- 17h 59m
Affected: ShieldCloudFilter and SafeSend Email Security
Timeline · 4 updates
-
monitoring Jan 22, 2026, 07:51 PM UTC
Microsoft has announced a service issue affecting Exchange Online in M365. We are seeing email delivery delays to M365 domains with temporary error notifications. We will continue to monitor the Microsoft report. Mailprotector's CloudFilter and Shield services are operational.
-
monitoring Jan 22, 2026, 10:36 PM UTC
Microsoft's status has not changed. For more information, please visit https://status.cloud.microsoft/
-
monitoring Jan 22, 2026, 11:38 PM UTC
We will continue to monitor the status Microsoft provides at https://status.cloud.microsoft/. It appears Microsoft is making progress in some of their affected zones. Logs shows some emails are beginning to deliver, but without Microsoft's confirmation of a resolution, we expect deferrals to continue.
-
resolved Jan 23, 2026, 01:50 PM UTC
This incident has been resolved.
Read the full incident report →
- Detected by Pingoru
- Dec 18, 2025, 10:06 PM UTC
- Resolved
- Dec 18, 2025, 11:08 PM UTC
- Duration
- 1h 1m
Affected: CloudFilter and SafeSend Email SecurityManagement Console
Timeline · 2 updates
-
identified Dec 18, 2025, 10:06 PM UTC
The team has identified an issue with email log ingestion and backend storage. A fix is being prepared. Logs will get backfilled once the issue is resolved. The log issue does not impact mail flow. Email delivery is performing as expected.
-
resolved Dec 18, 2025, 11:08 PM UTC
The log ingestion issue is resolved, and logs have been backfilled.
Read the full incident report →
- Detected by Pingoru
- Dec 12, 2025, 04:21 PM UTC
- Resolved
- Dec 12, 2025, 05:48 PM UTC
- Duration
- 1h 26m
Affected: Shield
Timeline · 2 updates
-
identified Dec 12, 2025, 04:21 PM UTC
An issue with API notifications from Microsoft was discovered, and a fix is already being deployed. Mail flow has not been interrupted; however, the movement of emails to a folder based on sender preferences or risk level without mailbox rules was impacted. The fix is being deployed.
-
resolved Dec 12, 2025, 05:48 PM UTC
The fix has been deployed. New emails are being placed in the appropriate location as expected per X-ray log details. Emails that were not moved prior to the fix will remain in their current location. Moving the message will create an opportunity for Shield to act on the message, if needed.
Read the full incident report →
- Detected by Pingoru
- Oct 28, 2025, 09:09 PM UTC
- Resolved
- Oct 29, 2025, 09:53 PM UTC
- Duration
- 1d
Affected: Radar
Timeline · 4 updates
-
identified Oct 28, 2025, 09:09 PM UTC
An underlying issue at AWS is preventing an essential Radar task from completing. Radar will not complete the round-trip test and return results. We continue to monitor AWS's investigation into the failed service.
-
identified Oct 28, 2025, 11:25 PM UTC
We are continuing to monitor the situation. AWS is continuing to investigate the issue.
-
monitoring Oct 29, 2025, 01:50 PM UTC
Radar is operating as expected. However, AWS has not confirmed that the affected service has been fully resolved. We will continue to monitor the situation.
-
resolved Oct 29, 2025, 09:53 PM UTC
This incident has been resolved.
Read the full incident report →
- Detected by Pingoru
- Oct 27, 2025, 02:08 PM UTC
- Resolved
- Oct 27, 2025, 06:01 PM UTC
- Duration
- 3h 52m
Affected: CloudMail Hosted Email
Timeline · 3 updates
-
investigating Oct 27, 2025, 02:08 PM UTC
We are investigating errors connecting to CloudMail via webmail and email clients.
-
monitoring Oct 27, 2025, 02:47 PM UTC
Connections to CloudMail are operating as expected. We will continue to monitor the status.
-
resolved Oct 27, 2025, 06:01 PM UTC
This incident has been resolved.
Read the full incident report →
- Detected by Pingoru
- Oct 20, 2025, 03:53 PM UTC
- Resolved
- Oct 20, 2025, 11:09 PM UTC
- Duration
- 7h 15m
Affected: CloudFilter and SafeSend Email Security
Timeline · 6 updates
-
identified Oct 20, 2025, 03:53 PM UTC
AWS is experiencing service issues that are impacting CloudFilter's quarantine. Emails destinated for the quarantine are queued. Emails passing filtering are being delivered to the destination recipients. Only quarantined emails are affected. You can follow the AWS updates at https://health.aws.amazon.com/health/status
-
identified Oct 20, 2025, 06:18 PM UTC
AWS has reported progress but quarantine performance effects remain. We are continuing to monitor and work with AWS.
-
identified Oct 20, 2025, 08:13 PM UTC
The Mailprotector Console is currently unavailable due to the AWS issues. Mail flow for good emails continues to operate as expected. To reiterate, good emails are being delivered to recipient servers. The Console and quarantine are currently affected.
-
identified Oct 20, 2025, 08:26 PM UTC
The Mailprotector Console is back online. Quarantined emails continue to be queued and "good" emails are delivering to recipient servers.
-
monitoring Oct 20, 2025, 09:19 PM UTC
Quarantine services are beginning to recover. We continue to monitor the progress reported by AWS and the recovery of queues and services affected by the outage.
-
resolved Oct 20, 2025, 11:09 PM UTC
Quarantine queues are continuing recovery and services appear to be operating as expected. We will monitor the AWS status through the morning.
Read the full incident report →
- Detected by Pingoru
- Oct 01, 2025, 08:14 AM UTC
- Resolved
- Oct 03, 2025, 07:06 PM UTC
- Duration
- 2d 10h
Affected: CloudMail Hosted Email
Timeline · 3 updates
-
investigating Oct 01, 2025, 08:14 AM UTC
We are currently investigating the issue. Email is being accepted in mailboxes; however, access via webmail and IMAP is interrupted.
-
monitoring Oct 01, 2025, 09:14 AM UTC
A server service was unstable. The team has resolved the issue. Webmail and IMAP access is working as expected. We are continuing to monitor the service.
-
resolved Oct 03, 2025, 07:06 PM UTC
This incident has been resolved.
Read the full incident report →
Notice September 10, 2025 - Detected by Pingoru
- Sep 10, 2025, 02:24 PM UTC
- Resolved
- Sep 10, 2025, 10:00 AM UTC
- Duration
- —
Timeline · 1 update
-
resolved Sep 10, 2025, 02:24 PM UTC
A permissions change caused the Mailprotector Console to lose connection to a status database. The result was a false report of mail flow errors in the Console and email notifications to admin accounts configured for the alerts. The permissions have been corrected, and the mail flow status in the Console for CloudFilter shows accurate information. There was no mail flow interruption.
Read the full incident report →
- Detected by Pingoru
- Sep 09, 2025, 06:29 PM UTC
- Resolved
- Sep 10, 2025, 02:21 PM UTC
- Duration
- 19h 52m
Affected: Shield
Timeline · 3 updates
-
investigating Sep 09, 2025, 06:29 PM UTC
We are investigating an inbound delivery delay. Delays of approximately 20 minutes have been observed.
-
monitoring Sep 09, 2025, 07:18 PM UTC
Inbound delivery is performing as expected. We are continuing to monitor the flow.
-
resolved Sep 10, 2025, 02:21 PM UTC
Inbound delivery has continued to perform as expected. This incident is resolved.
Read the full incident report →
- Detected by Pingoru
- Sep 03, 2025, 07:18 PM UTC
- Resolved
- Sep 03, 2025, 07:18 PM UTC
- Duration
- —
Timeline · 1 update
-
resolved Sep 03, 2025, 07:18 PM UTC
A modification to handling ARC seal authentication was deployed late yesterday evening to handle an outlier situation observed over the past few months. The modification created a mail loop in specific messages that were missing some ARC seal authentication information in the headers. This specific situation caused the emails to look up the MX record for delivery, and those domains with a Shield MX record caused the email to loop. A fix for this situation was deployed shortly after the mail loop was detected. The fix now accounts for the rare circumstances involving the ARC seal and will gracefully handle mail delivery.
Read the full incident report →
- Detected by Pingoru
- Aug 26, 2025, 03:39 PM UTC
- Resolved
- Aug 27, 2025, 01:33 PM UTC
- Duration
- 21h 53m
Affected: Shield
Timeline · 4 updates
-
investigating Aug 26, 2025, 03:39 PM UTC
We are investigating an issue causing email delivery performance.
-
identified Aug 26, 2025, 04:38 PM UTC
The issue has been isolated, and resources are being reallocated to empty the email delivery queue as quickly as possible.
-
monitoring Aug 26, 2025, 08:24 PM UTC
The team has resolved email delivery performance, and inbound messages have been arriving as expected since about 1:00 PM ET. However, the issue is still monitored as API-related actions (sender training, message moves, etc.) and logs catch up. Please be aware that emails may sit in a folder a little longer than expected, and Spotlight logs may display an incorrect email location while the database catches up on activity. We expect the issue to be resolved entirely this evening.
-
resolved Aug 27, 2025, 01:33 PM UTC
Email delivery and API activity are operating as expected.
Read the full incident report →
- Detected by Pingoru
- Aug 05, 2025, 07:30 PM UTC
- Resolved
- Aug 29, 2025, 06:47 PM UTC
- Duration
- 23d 23h
Affected: Management Console
Timeline · 3 updates
-
investigating Aug 05, 2025, 04:18 PM UTC
Mailprotector is seeing an increase in User Sync Errors affecting some Google Workspace customers due to a recent Google update. The error occurs when authenticating with Google. The error may be displayed as "Data too long for column". Resolution (required for each affected domain): 1. Delete the User Source under the User Sync tab in your console 2. Add a new User Source and reconnect to Google Workspace Please reach out to support with any additional questions or concerns.
-
monitoring Aug 05, 2025, 07:30 PM UTC
We are continuing to monitor.
-
resolved Aug 29, 2025, 06:47 PM UTC
User sync errors affecting Google Workspace customers have been resolved. If an error still exists for a domain, please delete and recreate the user sync in the Mailprotector Console or open a request with the support team for guidance.
Read the full incident report →
- Detected by Pingoru
- Apr 17, 2025, 05:42 PM UTC
- Resolved
- May 05, 2025, 01:56 PM UTC
- Duration
- 17d 20h
Affected: CloudFilter and SafeSend Email Security
Timeline · 4 updates
-
identified Apr 17, 2025, 05:42 PM UTC
Mailprotector is aware of intermittent bounces of inbound emails to Microsoft 365 domains. The bounces reference one of two reasons: "banned sending IP" or "blocked using Spamhaus." In both cases, Microsoft and Spamhaus do not indicate that the IP addresses are blocked when a delist request is made. Mailprotector has two open and active support requests with Microsoft to explain and resolve the situation. Mailprotector has been attempting to resolve the issue with Microsoft for over a week. Unfortunately, we have seen increased bounces in the last 24 hours. Partners and users may click on the delist links in the bounce notification. However, the delist will reply that the IP addresses are not listed. It is important to note that this is not an outbound reputation issue. Microsoft is randomly rejecting emails from IP addresses that only relay inbound emails after being filtered. The IP addresses are added to the recommended inbound connector for M365 deployments.
-
identified Apr 29, 2025, 08:21 PM UTC
Bounces over the last 7 days have subsided, but an increase has been observed today, April 29. The number of bounces is tiny; however, we know a single bounce can frustrate a customer. Communication with Microsoft was escalated last week, and we await more information.
-
monitoring May 02, 2025, 01:35 PM UTC
Since April 30, little to no bounces have been observed. We are continuing to monitor the situation and waiting for Microsoft's response to explain the reason and a permanent resolution.
-
resolved May 05, 2025, 01:56 PM UTC
Since April 29, there have been unnoticeable bounces. While we cannot be certain that Microsoft will not repeat the issue, the status is considered resolved at this time. If you receive a bounce for "banned sending IP" or "blocked using Spamhaus", please open a support request.
Read the full incident report →
- Detected by Pingoru
- Apr 14, 2025, 01:58 PM UTC
- Resolved
- Apr 12, 2025, 05:00 PM UTC
- Duration
- —
Timeline · 1 update
-
resolved Apr 14, 2025, 01:58 PM UTC
Over the weekend, a small pool of inbound gateway servers bounced incoming emails to CloudFilter because of a database connection issue. The NDR message indicates: The response from your-domain-com.inbound.emailservice.io was: 5.7.1 [email protected]: Recipient address rejected: Access denied The team responded and resolved the issue quickly. Fortunately, weekends have a comparatively low email volume. However, if a user was expecting an email and did not receive it, they may need to request the sender to retry sending it. A thorough investigation of the incident is being performed, and the issue will be adjusted, monitored, and mitigated for the future.
Read the full incident report →
- Detected by Pingoru
- Mar 26, 2025, 02:00 PM UTC
- Resolved
- Mar 26, 2025, 02:00 PM UTC
- Duration
- —
Timeline · 1 update
-
resolved Mar 26, 2025, 02:00 PM UTC
Monitoring systems alerted the team to an issue with approximately 20% of inbound email processing. The issue has been identified and resolved. The issue will have impacted emails that show a delay in the logs this morning, but no further impact is expected.
Read the full incident report →
- Detected by Pingoru
- Mar 06, 2025, 04:40 PM UTC
- Resolved
- Mar 06, 2025, 03:00 PM UTC
- Duration
- —
Timeline · 1 update
-
resolved Mar 06, 2025, 04:40 PM UTC
Earlier this morning, Bracket encryption scaling added resources that did not respond to connection requests correctly. Users may have received a bounce notification if their encrypted email attempt connected to this subset of resources. The bounce notification error was: The bounce is: : host encrypt.bracket.email[18.223.92.55] said: 550 A secure TLS connection is required. The problematic resources were identified and removed, and the issue has been resolved. Users can send encrypted Bracket emails as expected.
Read the full incident report →
- Detected by Pingoru
- Feb 10, 2025, 03:40 PM UTC
- Resolved
- Feb 10, 2025, 06:47 PM UTC
- Duration
- 3h 6m
Affected: Shield
Timeline · 5 updates
-
investigating Feb 10, 2025, 03:40 PM UTC
We are investigating an impact on mail flow.
-
identified Feb 10, 2025, 04:02 PM UTC
The issue has been identified and mitigated. The team is working through queued jobs, but mail flow could be delayed by 10 minutes. We are working quickly to return mail flow to expected performance.
-
identified Feb 10, 2025, 05:46 PM UTC
Mail flow response times are continuing to decrease. A fix is planned for deployment to prevent this incident from occurring again. Another update will be provided to confirm improvement or resolution.
-
monitoring Feb 10, 2025, 05:56 PM UTC
Mail flow response times are reaching 30 seconds or less. We will continue to monitor the situation until the permanent fix is deployed.
-
resolved Feb 10, 2025, 06:47 PM UTC
Mail flow is functioning at expected performance levels.
Read the full incident report →
- Detected by Pingoru
- Feb 04, 2025, 04:35 PM UTC
- Resolved
- Feb 04, 2025, 09:02 PM UTC
- Duration
- 4h 27m
Affected: CloudFilter and SafeSend Email Security
Timeline · 3 updates
-
identified Feb 04, 2025, 04:35 PM UTC
We are aware of inbound email delays from CloudFilter. The team has identified the issue and is working on a fix.
-
monitoring Feb 04, 2025, 06:49 PM UTC
The issue has been addressed, and the queues are emptying. We are monitoring the progress closely and will confirm once the issue is resolved.
-
resolved Feb 04, 2025, 09:02 PM UTC
Inbound mail flow from CloudFilter is operating as expected. The issue has been resolved.
Read the full incident report →
- Detected by Pingoru
- Dec 11, 2024, 08:36 PM UTC
- Resolved
- Jan 21, 2025, 04:24 PM UTC
- Duration
- 40d 19h
Affected: CloudFilter and SafeSend Email Security
Timeline · 3 updates
-
identified Dec 11, 2024, 08:36 PM UTC
Mailprotector resolved a significant reputation issue that affected AT&T and Yahoo domains. As part of that remediation, the volume of emails from affected servers significantly dropped. As the affected servers have been put back into service, some domains using Prodigy (part of AT&T and Yahoo) and Rackspace are deferring email delivery due to the rapid volume change. Mailprotector is mitigating the occurrence of deferrals by metering the volume of affected servers. This process will take several more weeks to reach full resolution.
-
identified Jan 03, 2025, 09:57 PM UTC
Mailprotector has observed improved deliverability to Rackspace and AT&T domains. However, we are cautious, given that email volume is typically reduced between the Christmas and New Year's Day holidays. Over the coming weeks, we will move affected servers back into full production and wait for stabilized delivery responses. We expect some deferrals because these email service providers do not offer a means to set an expected volume of emails. We cannot eliminate deferrals entirely, especially if an email is considered questionable for spam or malicious intent. If the process moves forward smoothly and as expected, we will send one more update in a couple of weeks. We hope to consider this incident complete.
-
resolved Jan 21, 2025, 04:24 PM UTC
Deferrals of emails have slowed substantially but have not ceased altogether. Deferrals to certain email service providers will always occur due to several factors, including domain and sender reputations. Mailprotector deems the IP reputation problem resolved at this time. Mailprotector does not control domain and sender reputations. IP reputation management is influenced by Mailprotector's sending infrastructure management, but it is not solely in our control. Deferrals may happen on occasion. Users will see a deferral notice under the right circumstances as we continue to manage the sending infrastructure to build additional resilience and strictly enforce the sending policy. If a deferral or bounce is questionable, please open a support request, and Partner Success will gladly explain the situation as best as possible. In a pinch, the option is to send emails directly from the email service provider rather than CloudFilter's smarthost relay.
Read the full incident report →
- Detected by Pingoru
- Oct 30, 2024, 03:41 PM UTC
- Resolved
- Oct 30, 2024, 06:11 PM UTC
- Duration
- 2h 29m
Affected: Bracket Encrypted Email
Timeline · 4 updates
-
investigating Oct 30, 2024, 03:41 PM UTC
Some attempts to send Bracket encrypted emails from CloudFilter-protected accounts are failing due to a TLS error. We are investigating the issue. Sending Bracket emails directly from https://bracket.email or Shield is working as expected.
-
identified Oct 30, 2024, 03:50 PM UTC
The issue has been identified, and the team is working on implementing the fix.
-
monitoring Oct 30, 2024, 03:56 PM UTC
The TLS connection issue from CloudFilter's outbound gateway to Bracket is fixed, and we are monitoring the logs to ensure resolution. Bracket encryption from CloudFilter-protected accounts is operating as expected.
-
resolved Oct 30, 2024, 06:11 PM UTC
We have confirmed the TLS connections between the affected CloudFilter outbound gateway servers and Bracket have been working as expected.
Read the full incident report →
- Detected by Pingoru
- Oct 28, 2024, 07:58 PM UTC
- Resolved
- Dec 11, 2024, 08:31 PM UTC
- Duration
- 44d
Affected: Service Announcements
Timeline · 12 updates
Read the full incident report →
- Detected by Pingoru
- Oct 17, 2024, 07:39 PM UTC
- Resolved
- Oct 17, 2024, 04:30 PM UTC
- Duration
- —
Timeline · 1 update
-
resolved Oct 17, 2024, 07:39 PM UTC
An issue that started at 12:21 PM ET resulted in lost logs from 12:20 PM to 2 PM and likely duplicated some logs in the early morning. AWS performed a maintenance task that restarted a transport server in an ungraceful manner. This caused the logging service to lose its place in the log that it was duplicating. The logging service started at the beginning of the log file and writing logs. The problem was discovered, and it forced a rotation of the mail log (to start over fresh) and a re-addition of the affected server to the load balancer. The event may have duplicated some log messages, dropped others, and created odd-looking data in the mail flow logs in the Mailprotector Console during the event. However, mail flow was not affected by this event.
Read the full incident report →
