NinerNet Communications™
System Status

Server and System Status

NC036: Emergency maintenance explanation

2 September 2021 09:23:31 +0000

The emergency maintenance on server NC036 earlier today was to add additional disk space for email storage. Normally this maintenance is scheduled in advance, but today a number of factors combined to require us to take action immediately. We will work to avoid this situation in the future, but the cause of the situation was one of the aforementioned factors.

Thank-you for your patience. If you have any questions or concerns, please contact NinerNet support. Thank-you.

NC036: Server back online

2 September 2021 02:59:34 +0000

Server NC036 is back online. It was down for 6 minutes between 02:31 and 02:37 UTC. We’ll be posting additional information about this shortly.

NC036: Emergency maintenance

2 September 2021 02:33:05 +0000

Server NC036 (our primary mail server) will be undergoing emergency maintenance within the next few minutes. The server will be down for approximately half an hour.

We will post an update when we are done.

NC036: Post-mortem

21 September 2020 08:42:47 +0000

As noted in the previous two posts, there was a virus outbreak on server NC036 (the primary mail server) this morning. Apparently the machines associated with five email accounts on three domains were compromised, allowing criminals to use those accounts to send thousands of viruses. These were intercepted by our anti-virus scanner, but due to the volume of activity on the server we had to shut down the SMTP side of the mail server while we determined which email accounts were compromised, suspended them and removed their messages from the mail queue.

Please note that what happens in almost all cases when email accounts are compromised is that the computer (or one of the machines or devices on which those accounts are configured) is what is actually compromised; it is not the server. The account owner’s machine is usually infected with a virus or other malware, and the account’s password is then transmitted to the criminals behind the virus. They then launch an attack via the legitimate and correct password. It’s as if your car was stolen and the thief used it to commit a crime; the car behaved as it was told by the guy with the key, but is not responsible for the crime. On the other hand, the owner of the car may have left the key in their car and the door unlocked, contributing to the compromise. This is why it is vitally important that you have anti-virus software installed on your computer, and kept up-to-date.

If you have any questions about this, please feel free to contact NinerNet support, and we’ll be happy to answer your questions or concerns. Our apologies for the interruption.

NC036: Mail server is back online

21 September 2020 07:26:54 +0000

Our apologies. The sending side of the mail server (NC036) is back up. It was down for 21 minutes between 06:56 and 07:17 UTC. The ability to check your email account was not down.

We will post additional information and contact the affected clients shortly.

NC036: Mail server paused while we clean up a spam outbreak

21 September 2020 07:05:48 +0000

Server NC036 (the primary mail server) is temporarily paused while we clean up a huge virus outbreak. I will be back online as soon as possible.

NC036: Migration update 24 — Outlook weirdness

11 June 2018 11:35:44 +0000

Microsoft are famous for ignoring standards and inventing their own so-called standards, and over the years we’ve seen evidence of that in Outlook.

Numerous clients today report that the following applies to Outlook, at least Outlook 2016:

There is no option for STARTTLS for incoming (POP/IMAP) settings. As such, you need to use the older and deprecated option of using port 995 (POP) and 993 (IMAP) over SSL.

NC036: Migration update 21 — Screenshots

11 June 2018 07:02:05 +0000

Here are the promised screenshots that show how an email program like Thunderbird should be configured.

We will have Outlook screenshots available as soon as possible.

NC036: Migration update 20 — Solutions

11 June 2018 04:08:41 +0000

Summary

We suspect that clients having problems sending or receiving email have very old legacy configuration settings. Please see the “Email server settings” section below for the definitively correct settings.

Situation

Over the weekend we took a deep breath and stepped back to re-analyse this problem, and consult with a number of you. Between…

  • a move to a new server in a new data centre,
  • and then to another data centre to try to outrun the phantom issues at the first data centre,
  • the conclusion that Zambian ISPs were somehow complicit (and then even having that explicitly confirmed [and then retracted] by someone in the IT Security Department at MTN!) because we’d had no complaints from other countries,
  • and the fact that the new server was somehow processing just as many messages as it normally does despite so many people apparently being unable to send and/or receive,

.. we were awash in red herrings to an extent I have never seen in 22 years.

We’ve taken a look at the behaviour of two of the most used email programs (Thunderbird and Outlook) and come to some conclusions about what might be happening:

  • The fact that most clients carried on connecting with no problems tells us that (a) the server was operating normally, but (b) some clients were using old (in some cases very old) settings that were permitted (but not recommended) on the old server, but no longer permitted on the new server due to the ever-increasing need to raise the bar on server security.
  • Some email programs (notably Thunderbird and various incarnations of the Apple Mail app) tend to funnel all outgoing email through a single SMTP (outgoing) account. This can lead to situations where someone might be trying to send an email from you@domain1.com, but trying to log in as other-address@domain2.net. Again, with the ongoing need to tighten email security, this is no longer permissible with just about every mail service provider in the world.
  • A lot (probably most, actually) of email programs and apps try to second-guess your selection of a port number, often after you think you’ve saved your email configuration.
  • Over the years we’ve seen some email programs and apps treat SSL and TLS in odd and unpredictable ways. The existing settings we’ve always given out still work, but in the interests of getting everyone on the same page we’re starting with a clean slate.

So, if you’re having problems sending, it will likely be worth your while to check your SMTP (outgoing) settings; if you’re having problems receiving, it will likely be worth your time to check your POP or IMAP (incoming) settings. I wanted to have some screenshots ready for this post, but I’d rather get the words up now and post screenshots shortly afterwards, so here are the settings you need to use:

Email server settings

  • Email address: you@yourdomain.com
  • User name: you@yourdomain.com (same as your email address)
  • Password: The correct password on your email account. If you’re not sure what it is, please reset it to a new one through the email control panel (admins only). It can also be reset through the webmail.
  • Password type: Plain
  • Incoming (POP/IMAP) mail:
    • Server: pop.niner.net or imap.niner.net
    • Port: 110 (POP) or 143 (IMAP)
    • Encryption: STARTTLS
  • Outgoing (SMTP) mail:
    • Server: smtp.niner.net
    • Port: 587
    • Encryption: STARTTLS
    • Authentication: Turned on
  • To send email, you must log in with the same user name (address) as the address you’re sending from.
  • Some older mail programs may not offer STARTTLS; if that’s the case for you, try TLS and/or SSL, in that order.

Additional information

I can’t emphasise strongly enough how important it is for you to be precise in setting up this configuration. No setting is “close enough”, and your computer is not smart enough to figure it out; it will just tell you there is an error. Although, having said that, I’d like to emphasise that the niner.net sub-domains with “27” in them — i.e., pop27.niner.net, imap27.niner.net and smtp27.niner.net — do still also work, but they will be phased out; do not use them.

In the case of those email programs that like to railroad you into sending all email through a single SMTP account by default, we suggest that you start with a clean slate there too by deleting all of the saved SMTP accounts (unless you have some on systems that are completely separate from NinerNet) and creating a new one for each of your email accounts. Because your email program may not let you delete the “default” SMTP account, you’ll need to make a new SMTP account the new default, and then delete the old default.

We will post helpful screenshots as soon as possible. In the meantime, please check (and, if necessary, update) your email account settings and ensure that they are correct.

Thank-you.

NC036: Migration update 19 — MTN blocking us

8 June 2018 07:23:34 +0000

I have just got off the phone with someone in IT security at MTN head office in Lusaka, and they confirm that they have been blocking our new mail server as part of a wrong-headed plan to prevent MTN users from sending spam. It is likely that the first new mail server was also being actively blocked. He says that our IP addresses will be unblocked within the next ten minutes.

This raises the significant question of whether or not this is now an Africa-wide policy with many other ISPs. Other countries manage to prevent their users from sending spam without holding the keys to a gateway to the Internet, forcing companies like NinerNet to supplicate themselves to the likes of big companies like MTN when we find our businesses held hostage.

This is why we sent the questionnaire out yesterday asking you for details on whether nor not you are still having problems, and for the details of your ISP. Please reply to those emails so that we may determine which ISPs are actively blocking our servers and take the appropriate action.

NinerNet home page

Systems at a Glance:


Loc.SystemStatusPing
Server NC023, London, United Kingdom (Relay server), INTERNAL.NC023InternalUp?
Server NC028, Vancouver, Canada (Monitoring server), INTERNAL.NC028InternalUp?
Server NC031, New York, United States of America (Web server), INTERNAL.NC031InternalUp?
Server NC033, Toronto, Canada (Primary nameserver), OPERATIONAL.NC033OperationalUp?
Server NC034, Lusaka, Zambia (Phone server), INTERNAL.NC034InternalUp?
Server NC035, Sydney, Australia (Secondary nameserver), OPERATIONAL.NC035OperationalUp?
Server NC036, Amsterdam, Netherlands (Mail server), OPERATIONAL.NC036OperationalUp?
Server NC040, Toronto, Canada (Web server), INTERNAL.NC040InternalUp?
Server NC041, New York, United States of America (Web server), OPERATIONAL.NC041OperationalUp?
Server NC042, Seattle, United States of America (Status website), OPERATIONAL.NC042OperationalUp?

Subscriptions:

RSS icon. RSS

Twitter icon. Twitter

Search:

 

Recent Posts:

Archives:

Categories:

Links

Tags:

.co.zm domains .com.zm domains .zam.co domains back-up bounce messages browser warnings connection issues control panel database dns dos attack dot-zm domains down time email email delivery error messages ftp hardware imap mail mailing lists mail relay mail server microsoft migration nameservers network networking performance php phplist pop reboot shaw shaw communications inc. smtp spam spamassassin ssl ssl certificate tls tls certificate viruses webmail web server

Resources:

On NinerNet: