NinerNet Communications™
System Status

Server and System Status

All servers: SSL certificates updated

16 December 2019 12:18:04 +0000

The *.niner.net SSL certificate was renewed today and updated on all servers.

If you get any certificate errors in either your web browser or email program, please close down all programs, restart your computer, and try again. This should clear the cache of the programs in question and force them to download the new certificate information.

If you have any problems, please contact support. Thank-you.

NC023: Secondary issue resolved

12 March 2019 20:26:33 +0000

The secondary issues referred to previously were not issues at all. A single test out of several failed, but the failure was unrelated to this server.

This issue is now closed. We apologise for any inconvenience this emergency maintenance may have caused while the server was offline between approximately 13:26 and 14:03 UTC.

If you have any questions, please contact support. Thank-you for your patience.

NC023: Emergency maintenance

12 March 2019 15:01:42 +0000

Due to issues affecting this server (NC023, the relay server), it has just undergone emergency maintenance. However, on boot there are new issues affecting it.

We are working to resolve the issue, and will post updates here. We apologise for this inconvenience.

NC023: Maintenance complete

2 May 2018 21:03:31 +0000

Server NC023 was down between 20:06 and 20:23 UTC while a patch for the Spectre vulnerability was applied.

NC023: Blacklist update

28 April 2018 20:46:12 +0000

We heard back from Microsoft/Outlook.com, and they have removed the relay server’s IP address from their blacklist. Thanks for your patience.

NC023: More blacklist problems

27 April 2018 08:52:05 +0000

It has come to our attention that some email from the IP address of our secondary mail server (NC023) is being blocked at Outlook.com. It seems that only email sent to Outlook.com domains — e.g., outlook.com, hotmail.com, msn.com — is being blocked, but email sent to other domains hosted by Outlook.com is not being blocked. It’s unclear why the differentiation.

We do have an account with Microsoft for the purpose of monitoring reports about mail sent from our IP addresses to Outlook.com mail servers. However, although the account tells us that the IP address is blocked, it doesn’t tell us why or provide us with any statistics, as it does for our other IP addresses.

We have contacted Outlook.com to determine what is happening here, as this too is a situation we’ve never seen before.

NC027: Blacklist situation

27 April 2018 06:13:40 +0000

As explained yesterday, a client’s compromised email account sent out thousands of spam emails before it was detected and stopped. This has happened before, but the circumstances this time are different.

Most blacklists are automated, both in adding IP addresses to the blacklist and in removing them. This is a double-edged sword. On the plus side, IP addresses that are the source of spam are quickly added, making it less likely that spam will get through in subsequent attempts from the same IP address. Most, if not all, automated blacklists then remove the bad IP address fairly quickly after the spam stops. They realise that stuff happens, and when the spam stops they assume the problem is fixed and remove the IP address. There is short-term pain, but it’s measured in hours and the block is generally removed within your business day.

On the negative side, organisations and people that run blacklists are generally unwilling to manually remove IP addresses before they automatically expire. In and of itself this isn’t actually a bad thing; many blacklist wouldn’t be able to function if they had to field pleas and demands that IP addresses be removed. Quick, automated removal when the problem that caused the listing in the first place is fixed is the cure.

Unfortunately this situation has exposed a blacklist that actually seems to be designed to punish mail servers that have had a temporary problem, even after the problem has been stopped. This is unusual in our experience, as it makes the blacklist less useful, by blocking legitimate email long after the problem has been addressed. Information on their website states that it could be “a week or more” before an IP address is removedif they determine the spam outbreak to be severe enough — without defining “severe” — even though it has stopped. And since the addition and removal of IP addresses is automated, “you cannot” get your IP address removed manually. Full stop.

Since this blacklist is still blocking our mail server’s IP address almost 24 hours later, at 05:01 UTC we started relaying all mail sent by clients through our relay mail server (NC023), which has a different IP address. We will continue to monitor the blacklist in question and reverse this once our IP address is removed.

It seems that most of the mail servers we’ve seen using this blacklist are in South Africa. Mail bounced using this blacklist will show a message like the following, using real email addresses, domains and IP addresses of course:

<destination@example.com>: host something.co.za[1.2.3.4] said:
    550-rejected because 212.71.255.195 is in a black list at
    truncate.gbudb.net 550 http://www.gbudb.com/truncate/ [212.71.255.195]
    (in reply to RCPT TO command)

If you’ve seen this, we suggest that you contact the person to whom you sent the email and suggest that they tell their hosting company that they should stop using blacklists that don’t operate within the norms of most blacklists. Feel free to point them to this blog post.

With all of the above said, we will be setting up a new mail server and migrating all accounts to it within the next couple of weeks. The new server will be better equipped to spot and stop these outbreaks automatically before they become “severe”.

As always, we appreciate your patience, and we also appreciate those clients that keep their anti-virus software up to date. If you have any questions, please feel free to contact us. Thank-you.

NC023, NC027 and NC031: Spectre maintenance

25 April 2018 11:41:21 +0000

Per our previous blog post, three of our servers will be updated to address variants 1 and 2 of the Spectre vulnerability per the following schedule (start times) in chronological order:

As with the previous upgrades for the Meltdown vulnerability, the maintenance windows for each are two hours long, but we expect that each server will be down for much less than that. During the Meltdown maintenance the servers were down for between 13 and 19 minutes, and we expect much the same this time around.

Please click the links above to determine when this will be in your time zone.

During the maintenance of servers NC023 and NC027 you will not be able to send or receive email. Incoming email to your domain will be held on the sending servers until our mail server is back online, and will then be delivered to your accounts. No email will be lost. Please note that email to NinerNet will also be down during the maintenance on server NC027.

During the maintenance of server NC031 your website will be inaccessible, both to you and the public.

NC023 and NC027: Maintenance complete

19 January 2018 03:30:26 +0000

Server NC023 was down for maintenance between 03:00 and 03:18 and server NC027 was down for maintenance between 03:02 and 03:15, and both have been successfully updated with current patches. This phase of the maintenance protects against Meltdown; further maintenance for protection against Spectre will take place when patches for it have been developed.

Updates will be posted here.

NC023 and NC027: Emergency server maintenance

18 January 2018 02:54:25 +0000

Per our previous blog post, the next of our servers to undergo updating are NC023 (the relay server) and NC027 (the primary mail server). The maintenance windows for each are two hours’ long, but we expect that each server will be down for much less than that.

The maintenance window for both starts at:

Please click the link above to determine when this will be in your time zone.

During the maintenance you will not be able to send or receive email. Incoming email to your domain will be held on the sending servers until our mail server is back online, and will then be delivered to your accounts. No email will be lost.

Please note that email to NinerNet will also be down during the maintenance on server NC027.

NinerNet home page

Systems at a Glance:


Loc.SystemStatusPing
Server NC023, London, United Kingdom (Relay server), OPERATIONAL.NC023OperationalUp?
Server NC028, Vancouver, Canada (Monitoring server), INTERNAL.NC028InternalUp?
Server NC031, New York, United States of America (Web server), INTERNAL.NC031InternalUp?
Server NC033, Toronto, Canada (Primary nameserver), OPERATIONAL.NC033OperationalUp?
Server NC034, Lusaka, Zambia (Phone server), INTERNAL.NC034InternalUp?
Server NC035, Sydney, Australia (Secondary nameserver), OPERATIONAL.NC035OperationalUp?
Server NC036, Amsterdam, Netherlands (Mail server), OPERATIONAL.NC036OperationalUp?
Server NC040, Toronto, Canada (Web server), INTERNAL.NC040InternalUp?
Server NC041, New York, United States of America (Web server), OPERATIONAL.NC041OperationalUp?
Server NC042, Seattle, United States of America (Status website), OPERATIONAL.NC042OperationalUp?

Subscriptions:

RSS icon. RSS

Twitter icon. Twitter

Search:

 

Recent Posts:

Archives:

Categories:

Links

Tags:

.co.zm domains .com.zm domains .zam.co domains back-up bounce messages browser warnings configuration connection issues control panel database dns dos attack dot-zm domains down time email email delivery error messages ftp hardware imap mail mailing lists mail relay mail server microsoft migration nameservers network networking outlook performance php phplist pop reboot smtp spam spamassassin ssl ssl certificate tls tls certificate viruses webmail web server

Resources:

On NinerNet: