We know that reliability is important to our users. We go to great lengths to ensure that your emails and files are always available and never lost, damaged, or corrupted.
When anything changes in your mailbox, such as receiving new mail, that change is immediately replicated onto two separate servers, one of which is in a completely different country. That way if a server fails, your mail is still accessible and secure.
These servers also write to redundant disk drives. If a disk fails, the system still runs, we get an alert, and the disk is swapped with a spare, with no downtime or loss of service at all.
If you want to know more, we've written a detailed description of our storage and replication architecture.
Beyond the protection of our redundant live servers, we also maintain a backup system which takes nightly backups of all your email and mailbox activity. If any emails are deleted, the backup will keep a copy for up to 7 days.
This backup system is designed to function separately from the live system, and in an entirely different way. It does not share any common traits in configuration or coding. Basically, if catastrophe strikes the live system, whether that be an advanced virus or a targeted attack, that attack will not affect your backed-up data.
This is all highly unlikely, but we've planned for the worst to ensure that your data remains intact and undamaged.
Most people don't think corruption is an issue, but recent research by CERN has shown that today's large drives corrupt three files in every terabyte of data. To combat corruption, we make a checksummed copy of incoming messages and store it for comparison.
When your mail is replicated to our separate live and backup servers, we reference the original checksum to make sure the file has not been corrupted. If an error is found, we locate the master copy and start the process again. This provides an unsurpassed level of integrity to your email data.
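The checksum-then-verify replication described above can be sketched as follows. This is an added example, not FastMail's code; SHA-256, the function names and the retry limit are assumptions, since the page does not name its checksum algorithm or tooling.

```python
import hashlib
import shutil

class IntegrityError(Exception):
    """Raised when no copy matching the ingest checksum can be produced."""

def file_digest(path, chunk_size=1 << 16):
    # Stream the file so large messages are not read into memory at once.
    h = hashlib.sha256()  # assumption: the page does not name its algorithm
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def ingest(message, master_path):
    # Checksum the bytes as received, before they touch disk, so that a bad
    # first write is caught as well as later corruption.
    expected = hashlib.sha256(message).hexdigest()
    with open(master_path, "wb") as f:
        f.write(message)
    if file_digest(master_path) != expected:
        raise IntegrityError("master copy corrupted on write")
    return expected

def replicate_verified(master_path, replica_path, expected,
                       copy=shutil.copyfile, max_attempts=3):
    # Copy, read the replica back, and compare it with the ingest checksum.
    # On a mismatch, go back to the master copy and start again.
    for attempt in range(1, max_attempts + 1):
        if file_digest(master_path) != expected:
            raise IntegrityError("master no longer matches ingest checksum")
        copy(master_path, replica_path)
        if file_digest(replica_path) == expected:
            return attempt  # number of attempts needed
    raise IntegrityError(f"replica still corrupt after {max_attempts} attempts")
```

Comparing against the checksum taken at ingest, rather than against a fresh hash of the master, is what stops a silently corrupted master from being replicated as if it were good.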
Even with all this redundancy, things can still go wrong. If they do, there is always someone available to deal with the problem promptly. This is accomplished by an extensive monitoring system.
Every two minutes, we test every port, on every service, on every server, and we test key parts of our hardware and software. Additionally, every ten minutes, we test the web interface on every backend server. If any of these tests fail, there are two standby engineers on call to sort out issues.
If there are any problems, we aim to keep users up to date with exactly what is happening on our status blog at http://status.fastmail.fm.
Reliability also comes from having people who care about making their systems reliable.
We believe in a pro-active culture of finding long-term solutions. If there are ever problems affecting users, then we ensure that we fix the specific problem as quickly as possible to make sure you have access to your mail and files.
But we don't stop when things are fixed. We consider why the problem actually occurred, and dedicate ourselves to preventing similar problems from occurring in the future.