NinerNet Communications™
System Status

Server and System Status

NC027: Performance improvement

23 January 2014 11:55:41 +0000

We have made some adjustments to the configuration of the mail server on NC027 and as a result the mail queue seems to be clearing, albeit very slowly. We’re continuing to work on this to speed up delivery.

Tags: ,
Categories: Email, Incidents, NC027
Comments Off on NC027: Performance improvement

Server NC027 performance degraded

23 January 2014 09:07:10 +0000

Server NC027 has a large and growing mail queue, but the server is up. We are investigating and will post updates here.

Tags: ,
Categories: Email, Incidents, NC027
Comments Off on Server NC027 performance degraded

Email migration: Update 14

29 October 2013 08:57:36 +0000

This is the last post that we’ll refer to as an “update” regarding the email migration that was largely completed three weeks ago … if only so that we don’t end on number 13. It addresses three issues:

  • Outlook 2003,
  • Anti-spam blacklists, and
  • Mail box quotas.

Outlook 2003: During the migration we learnt that Outlook 2003 does not support TLS. This is software that is over a decade old, and Microsoft will stop supporting it in less than six months. Now would be a good time to upgrade. However, apparently a 2004 “hotfix” available from Microsoft will add TLS support to Outlook 2003, but we cannot vouch for this personally, nor are we aware of any clients who have used this.

The anti-spam blacklists used on the old server were not immediately implemented on the new server. They have been now. The amount of spam you receive should drop significantly as a result.

Finally, we have increased mail box quotas across the board, as we try to keep up with the growing number of people using smart phones and tablets who store significant amounts of mail on the server.

As always, if you have any questions, pleaseĀ contact support and we’ll be happy to assist.

Tags: , ,
Categories: Email, Maintenance, NC027
Comments Off on Email migration: Update 14

Email migration: Update 13

16 October 2013 10:09:43 +0000

Since the migration of many email accounts to the new server, we’ve had reports of email from some regular correspondents (with email hosted outside of NinerNet) to domains hosted on the new server bouncing back to those senders as undeliverable. All of these reports, so far, are about the same improper configuration of Microsoft Exchange mail servers.

A person sending you an email through a mis-configured mail server will receive a bounce message that includes an explanation for the bounce that looks like this:

you@yourdomain.com
nc027.ninernet.net #554 5.7.1 <senderdomain.local>: Helo command rejected: Go away, bad guy (.local).

The problem is the “senderdomain.local” string. In this case “senderdomain” stands in for an actual name — e.g., something that looks like it might be a domain — followed by “.local”. A properly configured mail server that connects to the public Internet is supposed to advertise a “fully-qualified domain name” (FQDN) through the “HELO” (or “EHLO”) command rather than “something.local”, which is not a real domain. Many mail servers, including ours, reject attempts to deliver mail from improperly configured mail servers advertising a “domain” that does not (or cannot) exist. The reason for this is that much spam comes from machines that are improperly configured in this manner. More technical details about this can be read in theĀ Best Practises for Email and Network Operators – Valid HELO domain article.

Your correspondents will likely think that we are blocking their domain specifically (very likely that we are NOT) or that something is otherwise wrong on our mail server. However, it is the other way around; your correspondents experiencing this problem need to talk to their own IT people, perhaps pointing them to this post, as their mail server needs to be reconfigured correctly.

The article Exchange DNS Configuration for Email Delivery includes a number of helpful hints for the Exchange server administrator about how to properly configure an Exchange server to work correctly on the Internet with respect to domains and DNS. About half way down the page are sections entitled SMTP Banner – Exchange 2003 and SMTP Banner – Exchange 2007 that explain how to set the SMTP banner — i.e., the domain that is advertised by the Exchange server when it connects to another mail server to attempt to deliver email. As mentioned previously, this needs to be a proper domain that is resolvable on the Internet, not something that doesn’t exist like “senderdomain.local”.

Our experience is that when an Exchange server is correctly reconfigured, email from that server starts getting through again immediately, and deliveries to other servers that do not block based on this incorrect behaviour are not affected.

Another possible solution to this problem is for the Exchange server to use a smart host, through which all outbound email is delivered to the public Internet. This has a number of advantages, including not having to reconfigure the SMTP banner and the fact that the server administrator doesn’t have to be concerned about their own IP address being added to a block list if (again as a result of mis-configuration) the server inadvertently becomes the source of spam. NinerNet provides this service (relay server / smart host) for USD30 / CAD36 / ZMW165 per month.

Or you could send Microsoft Exchange Server 2007 For Dummies to the sending domain’s server administrator!

Update, 2022-01-24: The information above applies to any domain or sub-domain used in a mail server’s HELO command, not just the specific nonsense sub-domain “senderdomain.local”. If the maintainer of the sending mail server makes up a sub-domain like “mailserver.mydomain.com”, but doesn’t actually create an A record for “mailserver.mydomain.com”, then the effect will be the same, their email will not get through.

Additionally, these days the error message is different. It is as follows:

450 4.7.1 <mailserver.mydomain.com>: Helo command rejected: Host not found

Mail server admins are still making this mistake today, in 2022!

Tags: , , , ,
Categories: Email, Maintenance, NC027
Comments Off on Email migration: Update 13

Email migration: Update 12

10 October 2013 12:41:09 +0000

A few things have become apparent over the last few days, and noting them here might help others who may still be having issues:

  • Outlook: First, we did correct the Outlook instructions on Monday to state that the encryption setting for sending needed to be set to TLS, not SSL. Some people missed that, and it has accounted for the majority of problems with sending email via Outlook.
  • Almost all of the rest of the problems were caused by one or two missed settings or spelling mistakes. We can’t overstress that the settings we have provided need to be set exactly. When configuring email settings, there is no such thing as “close enough”.
  • Eudora: The “Secure Sockets when Sending” field on the “Generic Properties” tab needs to be set to “Required, STARTTLS”, and the “Secure Sockets when Receiving” field on the “Incoming Mail” tab needs to be set to “Required, Alternate Port”.
  • Blackberry: One client was unable to configure their older Blackberry (the operating system on which can’t be upgraded any further past OS5) — even with assistance from their phone company — and ended up buying a new phone and having no problems.
  • iPhone: It seems that the iPhone does not turn on SSL by default, so you have to go out of your way to find this under “advanced” settings and turn it on. Please also ensure that the port is set correctly for incoming mail: 993 for IMAPS (IMAP over SSL).
  • Android: Contrary to the iPhone, we’ve had a report from a client using an Android-based phone that port 993 did not work, but 143 did.
  • Firewalls: We spent a significant amount of time dealing with a firewall issue with one client, after being assured that the firewall had been opened by the network management company managing their firewall. It turned out that the firewall was not open, or at least not sufficiently for the type of connection that was required. After it was properly configured, email miraculously flowed with no problem. Please check your firewalls!
  • Email-sending applications: Another fairly unique situation was encountered with a client who uses a “localhost” web and mail server installed on their computer to run a reservations system. This was unable to connect to the mail server, and the vendor of the software was also unable to determine the problem with their software. We had to provide a workaround for the client in this situation.

If you’re still having issues with sending or receiving email, please double and triple check everything, check the above notes for anything that may apply to you and help you get things working, and then contact us if none of that helps.

Thanks for your patience. As frustrating as this migration has been for some of you due to the exactness of the settings required, your mail is on a better, faster, more secure server that is much closer to many of you than the old server was.

Tags: , , ,
Categories: Email, Maintenance, NC027
Comments Off on Email migration: Update 12

Email maintenance: Update 6

2 October 2013 09:39:44 +0000

SMTP on server NC018 is definitely working again. The problem was fixed at 07:55 UTC. You can once again send email, and most (if not all) incoming email queued on sending servers should have been delivered to your account by now. All email on our own back-up mail server was delivered by 08:13.

Again, we apologise for the length of this maintenance and the inconvenience to you.

Tags: , , , ,
Categories: Email, Maintenance, NC018, NC027
Comments Off on Email maintenance: Update 6

Email maintenance: Update 5

2 October 2013 06:28:29 +0000

The maintenance is complete. SMTP on server NC018 is back online. You can send email once again, and email queued on sending servers should arrive in your account soon.

Tags: , , , ,
Categories: Email, Maintenance, NC018, NC027
Comments Off on Email maintenance: Update 5

Email maintenance: Update 4

2 October 2013 02:49:00 +0000

After numerous false starts, an email migration for some clients from server NC018 to NC027 got under way at 01:46 UTC on 2 October. Please see “Email maintenance this weekend” for full details.

The main reminder is that clients with email on server NC018 (which is most clients) will not be able to send email until this migration is complete. You will be able to log into your email account, but email sent to you during the migration will not arrive in your account until after the migration is complete.

For any questions during the migration, please email support-september-2013@ninernet.com. Contrary to our earlier post, please do not use the contact form on our website, as we will not see emails sent through that until after the migration completes.

Thank-you for your patience as we work — sometimes day and night — to improve the service that we provide to you.

Tags: , , , ,
Categories: Email, Maintenance, NC018, NC027
Comments Off on Email maintenance: Update 4

Email maintenance: Update 3

30 September 2013 23:23:33 +0000

We will complete the email maintenance on Tuesday 1 October 2013 at 01:00 UTC. That’s 18:00 PDT on Monday, 03:00 CAT on Tuesday. (Please see the World Time Server to convert for your time zone.)

We anticipate that the SMTP server will be down for less than an hour at that time.

Tags: , , , ,
Categories: Email, Maintenance, NC018, NC027
Comments Off on Email maintenance: Update 3

Email maintenance: Update 2

30 September 2013 15:34:00 +0000

This maintenance continued through the weekend, but was not completed due to significant obstacles. At no time was the main mail server shut down.

We will attempt to finish addressing the obstacles today and aim to finish the maintenance early on Tuesday morning UTC. During that time the main mail server will need to be shut down, but we anticipate that this shut-down should not last as long as we had initially anticipated.

Tags: , , , ,
Categories: Email, Maintenance, NC018, NC027
Comments Off on Email maintenance: Update 2
« Older Entries
Newer Entries »

NinerNet home page

Systems at a Glance:


Loc.SystemStatusPing
Server NC023, London, United Kingdom (Relay server), INTERNAL.NC023InternalUp?
Server NC028, Vancouver, Canada (Monitoring server), INTERNAL.NC028InternalUp?
Server NC031, New York, United States of America (Web server), INTERNAL.NC031InternalUp?
Server NC033, Toronto, Canada (Primary nameserver), OPERATIONAL.NC033OperationalUp?
Server NC034, Lusaka, Zambia (Phone server), INTERNAL.NC034InternalUp?
Server NC035, Sydney, Australia (Secondary nameserver), OPERATIONAL.NC035OperationalUp?
Server NC036, Amsterdam, Netherlands (Mail server), OPERATIONAL.NC036OperationalUp?
Server NC040, Toronto, Canada (Web server), INTERNAL.NC040InternalUp?
Server NC041, New York, United States of America (Web server), OPERATIONAL.NC041OperationalUp?
Server NC042, Seattle, United States of America (Status website), OPERATIONAL.NC042OperationalUp?

Subscriptions:

RSS icon. RSS

Twitter icon. Twitter

Search:

 

Recent Posts:

Archives:

Categories:

Links

Tags:

.co.zm domains .com.zm domains .zam.co domains back-up bounce messages browser warnings connection issues control panel database dns dos attack dot-zm domains down time email email delivery error messages ftp hardware imap mail mailing lists mail relay mail server microsoft migration nameservers network networking performance php phplist pop reboot shaw shaw communications inc. smtp spam spamassassin ssl ssl certificate tls tls certificate viruses webmail web server

Resources:

On NinerNet: