NinerNet Communications™
System Status

Server and System Status

NC027: Spam and delayed delivery

23 December 2017 03:11:45 +0000

Two email accounts on two separate domains on the mail server (NC027) were compromised in the last 24 hours and were used to send out thousands of spam emails. This has resulted in the mail server being blacklisted by at least one large mail provider and restrictions put in place by others. The two email accounts in question have been disabled pending resolution of the root cause of this issue, and we are diverting outgoing email to major mail providers via our relay server until restrictions on our primary mail server’s IP address expire. However, it may still be a few hours more until some outgoing mail is delivered normally without delay.

These incidents usually arise after a client’s computer has been infected with a virus. The virus then sends the email password back to the person or organisation controlling the virus, and they then use that information to compromise that email account on the mail server, using it to send thousands of spams from the account. Please ensure that you install, use and update an anti-virus program on your computers and any other devices to ensure that this doesn’t happen to your email account.

At this time NC027’s IP address is not listed in any of the major blacklists (which operate on an automated basis to remove blacklisted IP addresses once no spam is seen from them), but we will (as always) monitor this and, where necessary, make manual submissions to the smaller, niche blacklists and to ISPs and other mail providers to have our IP address de-listed where that is possible. Manual processes like these can take a couple of days, however.

NinerNet home page

Systems at a Glance:


SystemStatusPing
NC020OperationalPing
NC023OperationalPing
NC024InternalPing
NC027OperationalPing
NC028InternalPing
NC031OperationalPing
NC033OperationalPing

Subscriptions:

RSS icon. RSS

Twitter icon. Twitter

General Information:

This blog provides information about the status of NinerNet Communications systems. Dates and times of posts to this blog are in the UTC time zone, and dates and times given for events are also in the UTC time zone, although conversions may be offered for some time zones common to our clients. Please use the World Time Server to ensure accurate conversion of dates and times to your own time zone.

Search:

 

Recent Posts:

Archives:

Categories:

Links

Tags:

.co.zm domains .com.zm domains .zam.co domains browser warnings connection issues database dns dos attack dot-zm domains down time email delivery ftp hardware mailing lists mail relay migration nameservers performance phplist reboot smtp spam spamassassin ssl ssl certificate tls tls certificate web server

Resources:

On NinerNet: