Time: Oct. 12, 2022, 1:38 p.m.

Status: Resolved

Update: Dear SYNAQ Client, The network accessibility incident has been confirmed as resolved by our upstream provider. All SYNAQ platforms are thus operating optimally. We appreciate your understanding and continued support. Sincerely, SYNAQ Technical Team

Time: Oct. 12, 2022, 12:47 p.m.

Status: Monitoring

Update: Dear SYNAQ Client, Our upstream provider has implemented a fix for the network accessibility incident and we are monitoring the service stability. We will provide further feedback on this status in the next 60 minutes. Sincerely, SYNAQ Technical Team

Time: Oct. 12, 2022, 11:29 a.m.

Status: Identified

Update: Dear SYNAQ Client, Our upstream provider is still working on the resolution of the network accessibility incident as a matter of urgency. We would like to assure you that this is our top priority and will continue to provide feedback as it becomes available. Sincerely, SYNAQ Technical Team

Time: Oct. 12, 2022, 10:50 a.m.

Status: Identified

Update: Dear SYNAQ Client, We have identified that the current network accessibility issue is due to a data centre incident being experienced by our upstream provider. Whilst no ETA has been made available, we are managing this issue as a matter of urgency with our provider and will continue to provide updates as they become available. We apologise again for the inconvenience caused. Sincerely, SYNAQ Technical Team

Time: Oct. 12, 2022, 10:15 a.m.

Status: Investigating

Update: Dear SYNAQ Client, We are experiencing a network accessibility issue on all SYNAQ platforms, due to an upstream provider incident. We apologise for the inconvenience caused and would like to assure you that our engineers are working with the upstream provider to resolve this issue as a matter of urgency. Sincerely, SYNAQ Technical Team

Time: June 3, 2022, 12:47 p.m.

Status: Postmortem

Update: # Post Mortem Report The purpose of this post-mortem is to detail the investigations and subsequent findings of the impact of Cloud Mail incident of May 26 2022. ## **Background** * On Zimbra, we perform regular proactive maintenance on our LDAP servers. * This involves reloading of the LDAP Databases on all masters and replica servers using a backup of one of the master databases. * This is done quarterly to maintain optimal performance of the LDAP service. * This process has been performed over the last 3 years in conjunction with our vendor without issue. **On Wednesday 25th May 2022:** * An LDAP maintenance change was performed on the evening of the 25th at 20:00. * A SYNAQ Engineer was working with our vendor engineer for this change and a miscommunication occurred between them, which resulted in the incorrect backup being applied \(it was a legacy backup from January 18 2022\), instead of current backup taken from a master that evening. **On Thursday 26th May 2022: Authentication Failures Experienced** * \[07:00am\]: We received reports of a subset of clients that were experiencing authentication issues \(i.e. could not login to their mailbox\). * Our engineers investigated the issue and we uncovered that we were working on incorrect version of the LDAP database * \[8:03am – 9:31am\]: SYNAQ engineers took the LDAP system down for the purposes of restoring the most current version of the backups to all LDAP servers and this reloading to approximately 90 minutes. * Authentication services were restored at 09:31 AM. ## Remedial Actions **Immediate – 0-3 months:** * Improve and verify standard operating procedure for LDAP optimisation process with additional test cases. * Build an additional monitoring alert that allows us to detect anomalous changes in expected data found in LDAP after a reload process is performed. **Long term: 6 – 12 months:** * Zimbra 9 – LDAP fixes and improvements.

Time: May 26, 2022, 7:49 a.m.

Status: Resolved

Update: Dear Clients, The SYNAQ Cloud Mail service is restored. We apologise once again for any inconvenience caused. Sincerely, SYNAQ Technical Team

Time: May 26, 2022, 7:29 a.m.

Status: Monitoring

Update: Dear Clients, Our engineers have implemented a fix for the SYNAQ Cloud Mail incident and are monitoring the service stability.

Time: May 26, 2022, 7:08 a.m.

Status: Identified

Update: Dear Clients, Our engineers are still working on the resolution of the SYNAQ Cloud Mail Incident. This is being treated as a matter of urgency. We will send our next update in 30 minutes and we are still on track for the ETA for resolution in 10 minutes.

Time: May 26, 2022, 6:39 a.m.

Status: Identified

Update: Dear Clients, Our engineers have identified the SYNAQ Cloud Mail incident and are working on a resolution. We will send our next update in 30 minutes and the ETA for resolution will be 45 minutes.

Time: May 26, 2022, 6:03 a.m.

Status: Investigating

Update: Dear SYNAQ Client, We are experiencing an authentication issue on the SYNAQ Cloud Mail platform. We apologise for this inconvenience. Our engineers are looking into the problem and should have us back to normal in the shortest time possible! Sincerely, SYNAQ Technical Team

Time: June 3, 2022, 12:47 p.m.

Status: Postmortem

Update: # Post Mortem Report The purpose of this post-mortem is to detail the investigations and subsequent findings of the impact of Cloud Mail incident of May 26 2022. ## **Background** * On Zimbra, we perform regular proactive maintenance on our LDAP servers. * This involves reloading of the LDAP Databases on all masters and replica servers using a backup of one of the master databases. * This is done quarterly to maintain optimal performance of the LDAP service. * This process has been performed over the last 3 years in conjunction with our vendor without issue. **On Wednesday 25th May 2022:** * An LDAP maintenance change was performed on the evening of the 25th at 20:00. * A SYNAQ Engineer was working with our vendor engineer for this change and a miscommunication occurred between them, which resulted in the incorrect backup being applied \(it was a legacy backup from January 18 2022\), instead of current backup taken from a master that evening. **On Thursday 26th May 2022: Authentication Failures Experienced** * \[07:00am\]: We received reports of a subset of clients that were experiencing authentication issues \(i.e. could not login to their mailbox\). * Our engineers investigated the issue and we uncovered that we were working on incorrect version of the LDAP database * \[8:03am – 9:31am\]: SYNAQ engineers took the LDAP system down for the purposes of restoring the most current version of the backups to all LDAP servers and this reloading to approximately 90 minutes. * Authentication services were restored at 09:31 AM. ## Remedial Actions **Immediate – 0-3 months:** * Improve and verify standard operating procedure for LDAP optimisation process with additional test cases. * Build an additional monitoring alert that allows us to detect anomalous changes in expected data found in LDAP after a reload process is performed. **Long term: 6 – 12 months:** * Zimbra 9 – LDAP fixes and improvements.

Time: May 26, 2022, 7:49 a.m.

Status: Resolved

Update: Dear Clients, The SYNAQ Cloud Mail service is restored. We apologise once again for any inconvenience caused. Sincerely, SYNAQ Technical Team

Time: May 26, 2022, 7:29 a.m.

Status: Monitoring

Update: Dear Clients, Our engineers have implemented a fix for the SYNAQ Cloud Mail incident and are monitoring the service stability.

Time: May 26, 2022, 7:08 a.m.

Status: Identified

Update: Dear Clients, Our engineers are still working on the resolution of the SYNAQ Cloud Mail Incident. This is being treated as a matter of urgency. We will send our next update in 30 minutes and we are still on track for the ETA for resolution in 10 minutes.

Time: May 26, 2022, 6:39 a.m.

Status: Identified

Update: Dear Clients, Our engineers have identified the SYNAQ Cloud Mail incident and are working on a resolution. We will send our next update in 30 minutes and the ETA for resolution will be 45 minutes.

Time: May 26, 2022, 6:03 a.m.

Status: Investigating

Update: Dear SYNAQ Client, We are experiencing an authentication issue on the SYNAQ Cloud Mail platform. We apologise for this inconvenience. Our engineers are looking into the problem and should have us back to normal in the shortest time possible! Sincerely, SYNAQ Technical Team

Time: April 20, 2022, 1:17 p.m.

Status: Postmortem

Update: Summary and Impact to Customers On Tuesday 12th April 2022 from 12:06 to 13:22, SYNAQ Cloud Mail experienced an authentication incident affecting a subset of users. The resultant impact of the event was that this subset of users were unable to authenticate and access their mailboxes. Root Cause and Solution The root cause of this event was due to a Cloud Mail mailbox store becoming unresponsive. Due to the unresponsive server, it was not able to process authentication requests for any of the users on this store. To resolve the issue initially, we rebooted the affected store, but it did not boot up, because the server was unable to load the operating system as it could not find the boot information. We identified and resolved a firmware issue related to VMware SCSI drivers which prevented the VM from booting the operating system disk. Remediation Actions * We have identified other VMs which could potentially be exposed to the same risk, and will be scheduling time to address them.

Time: April 12, 2022, 11:22 a.m.

Status: Resolved

Update: Dear Clients, The SYNAQ Cloud Mail incident has been resolved and the service has returned to optimal functionality.

Time: April 12, 2022, 10:36 a.m.

Status: Investigating

Update: Dear Clients, SYNAQ Cloud Mail is currently experiencing an incident where one of our stores are not responding. This will cause certain POP and IMAP users to not be able to access their mail. Engineers are investigating this as a matter of urgency. We will send our next update in 60 minutes.

Time: April 20, 2022, 1:17 p.m.

Status: Postmortem

Update: Summary and Impact to Customers On Tuesday 12th April 2022 from 12:06 to 13:22, SYNAQ Cloud Mail experienced an authentication incident affecting a subset of users. The resultant impact of the event was that this subset of users were unable to authenticate and access their mailboxes. Root Cause and Solution The root cause of this event was due to a Cloud Mail mailbox store becoming unresponsive. Due to the unresponsive server, it was not able to process authentication requests for any of the users on this store. To resolve the issue initially, we rebooted the affected store, but it did not boot up, because the server was unable to load the operating system as it could not find the boot information. We identified and resolved a firmware issue related to VMware SCSI drivers which prevented the VM from booting the operating system disk. Remediation Actions * We have identified other VMs which could potentially be exposed to the same risk, and will be scheduling time to address them.

Time: April 12, 2022, 11:22 a.m.

Status: Resolved

Update: Dear Clients, The SYNAQ Cloud Mail incident has been resolved and the service has returned to optimal functionality.

Time: April 12, 2022, 10:36 a.m.

Status: Investigating

Update: Dear Clients, SYNAQ Cloud Mail is currently experiencing an incident where one of our stores are not responding. This will cause certain POP and IMAP users to not be able to access their mail. Engineers are investigating this as a matter of urgency. We will send our next update in 60 minutes.