NinerNet Communications™
System Status

Server and System Status

NC027: Yet another spam outbreak

27 December 2017 22:41:47 +0000

We have temporarily shut down the mail server (NC027) while we clean up tens of thousands of spams from another compromised email account. We will have it back online as soon as possible.

NC027: Spam and delayed delivery

23 December 2017 03:11:45 +0000

Two email accounts on two separate domains on the mail server (NC027) were compromised in the last 24 hours and were used to send out thousands of spam emails. This has resulted in the mail server being blacklisted by at least one large mail provider and restrictions put in place by others. The two email accounts in question have been disabled pending resolution of the root cause of this issue, and we are diverting outgoing email to major mail providers via our relay server until restrictions on our primary mail server’s IP address expire. However, it may still be a few hours more until some outgoing mail is delivered normally without delay.

These incidents usually arise after a client’s computer has been infected with a virus. The virus then sends the email password back to the person or organisation controlling the virus, and they then use that information to compromise that email account on the mail server, using it to send thousands of spams from the account. Please ensure that you install, use and update an anti-virus program on your computers and any other devices to ensure that this doesn’t happen to your email account.

At this time NC027’s IP address is not listed in any of the major blacklists (which operate on an automated basis to remove blacklisted IP addresses once no spam is seen from them), but we will (as always) monitor this and, where necessary, make manual submissions to the smaller, niche blacklists and to ISPs and other mail providers to have our IP address de-listed where that is possible. Manual processes like these can take a couple of days, however.

NC027: Spam cleaned up

7 September 2017 13:23:50 +0000

We have cleaned up the spam on server NC027 and managed to funnel most of the delayed email through our relay server. Although the primary mail server’s IP address is not in a couple of the major blacklists, we are still in some niche ones with major ISPs and mail providers. We have been working to have the IP address de-listed where that is possible, but manual processes like these can take a couple of days.

In the meantime, at the moment most email is flowing normally, but email to most domains will still be delayed for the next few hours.

NC027: Mail server issues

7 September 2017 11:39:46 +0000

We have cleaned up server NC027 after a client’s email account was compromised, resulting in thousands of spams being sent from the mail server. This is having a negative impact on email being sent from the server, as its IP address is now in anti-spam blacklists. This means that outgoing email sent from our clients will be bounced or delayed until the blacklist realise that the spam from our mail server has stopped.

We are working on implementing a workaround through one of our other, clean mail servers, but unfortunately it will be several hours before outgoing email to most domains is delivered normally.

These incidents usually arise after a computer has been infected with a virus. The virus then sends the email password back to the person or organisation controlling the virus, and they then use that information to compromise that email account on the mail server, using it to send thousands of spams from the account. Please ensure that you install, use and update an anti-virus program on your computer to ensure that this doesn’t happen to your email account.

We apologise for this incident. Please contact us if you have any questions. Thank-you.

NC027: Outgoing mail may be delayed

31 July 2017 04:29:48 +0000

An email account on server NC027 was compromised in the last few hours, and it was used to send spam. This problem has been addressed by suspending the account, but the result is that outgoing email from the server may be delayed for the next few hours until automated anti-spam systems around the Internet react to our cleaning up the problem.

We apologise for this problem, and remind everyone to ensure that their computers are scanned regularly for viruses.

If you have any questions about this, please contact support. Thank-you.

NC027: Mail server back online

23 November 2016 07:28:27 +0000

The mail server (NC027) has been restarted after cleaning up after a spammer. It was down for eight minutes between 07:09 and 07:17 UTC.

As a result of this incident, our mail server is being blocked by some mail services. We will work to have those blocks removed before they expire, but this will take some time.

These incidents usually arise after a computer has been infected with a virus. The virus then sends the email password back to the person or organisation controlling the virus, and they then use that information to compromise that email account on the mail server, using it to send thousands of spams from the account. Please ensure that you install, use and update an anti-virus program on your computer to ensure that this doesn’t happen to your email account.

We again apologise for this incident. Please contact us if you have any questions. Thank-you.

NC027: Mail server shut down

23 November 2016 07:11:41 +0000

We have temporarily shut down server NC027 to clean up after a spammer. It will be back up in a few minutes. We apologise for the inconvenience.

NC023: Spam cleaned up

26 January 2014 15:45:01 +0000

The spam on server NC023 (the relay server) has been cleaned up and the offending IP address blocked. Most of the legitimate email to destination servers that had been deferred as a result of the spam has also now been delivered; however, some mail servers are still not accepting email from this server, so that email will continue to be delayed a while longer until their systems are automatically updated to realise that this server is no longer spamming. This is currently only affecting about twenty messages.

We apologise for this interruption. If you have any questions or concerns, please contact NinerNet support. Thank-you for your patience.

NC023: Relay server stopped to clean up spam

26 January 2014 13:28:29 +0000

The relay server has been stopped while we clean up a spam outbreak, and identify and block the source. We will post updates here. We expect to have the server back online within the next 30-40 minutes.

Email migration: Update 14

29 October 2013 08:57:36 +0000

This is the last post that we’ll refer to as an “update” regarding the email migration that was largely completed three weeks ago … if only so that we don’t end on number 13. It addresses three issues:

  • Outlook 2003,
  • Anti-spam blacklists, and
  • Mail box quotas.

Outlook 2003: During the migration we learnt that Outlook 2003 does not support TLS. This is software that is over a decade old, and Microsoft will stop supporting it in less than six months. Now would be a good time to upgrade. However, apparently a 2004 “hotfix” available from Microsoft will add TLS support to Outlook 2003, but we cannot vouch for this personally, nor are we aware of any clients who have used this.

The anti-spam blacklists used on the old server were not immediately implemented on the new server. They have been now. The amount of spam you receive should drop significantly as a result.

Finally, we have increased mail box quotas across the board, as we try to keep up with the growing number of people using smart phones and tablets who store significant amounts of mail on the server.

As always, if you have any questions, pleaseĀ contact support and we’ll be happy to assist.

NinerNet home page

Systems at a Glance:


Loc.SystemStatusPing
Server NC020, Chicago, United States of America, OPERATIONAL.NC020OperationalUp?
Server NC023, London, United Kingdom, OPERATIONAL.NC023OperationalUp?
Server NC028, Vancouver, Canada, INTERNAL.NC028InternalUp?
Server NC031, New York, United States of America, OPERATIONAL.NC031OperationalUp?
Server NC033, Toronto, Canada, OPERATIONAL.NC033OperationalUp?
Server NC034, Lusaka, Zambia, INTERNAL.NC034InternalUp?
Server NC035, Sydney, Australia, TESTING.NC035TestingUp?
Server NC036, Amsterdam, Netherlands, OPERATIONAL.NC036OperationalUp?
Server NC037, Seattle, United States of America, INTERNAL.NC037InternalUp?

Subscriptions:

RSS icon. RSS

Twitter icon. Twitter

General Information:

This blog provides information about the status of NinerNet Communications systems. Dates and times of posts to this blog are in the UTC time zone, and dates and times given for events are also in the UTC time zone, although conversions may be offered for some time zones common to our clients. Please use the World Time Server to ensure accurate conversion of dates and times to your own time zone.

Search:

 

Recent Posts:

Archives:

Categories:

Links

Tags:

.co.zm domains .com.zm domains .zam.co domains back-up bounce messages browser warnings configuration connection issues control panel database dns dos attack dot-zm domains down time email delivery error messages ftp hardware imap mailing lists mail relay mail server microsoft migration nameservers network networking outlook performance phplist pop power failure reboot smtp spam spamassassin ssl ssl certificate tls tls certificate viruses webmail web server wordpress

Resources:

On NinerNet: