Server and System Status

NC027: Migration of mail server

4 May 2018 17:17:14 +0000

Server NC027 is being replaced by new mail server NC036. We will be migrating all email accounts to the new server during our regular weekly maintenance window next weekend, starting at 21:00 UTC on Saturday 12 May 2018.

We will be conducting tests over the next week to determine how long this should take, and will post an update here by the middle of next week with an estimate for how long your mail will be unavailable. Because this is a migration between servers running the same software, it’s much more straightforward that most migrations and should take less time than usual. Additionally, the configuration settings for your email will not change, making the process much smoother.

As mentioned last week, this is part of a two-phase plan — this is phase two — to significantly reduce downtime during migrations. Future migrations should be done in almost minutes rather than hours.

If you have any questions or concerns, please feel free to contact support. Thank-you for your patience.

Tags: down time, email delivery, hardware, migration, smtp
Categories: Email, Maintenance, NC027, NC036
2 Comments »

NC027: Maintenance complete

28 April 2018 22:53:20 +0000

The maintenance on server NC027 is complete, and it was brought back online at 22:17 UTC. Thank-you for your patience.

While we did this maintenance we also patched the server for the Spectre vulnerability. This means that the maintenance to do that on 1 May is no longer necessary, and has been cancelled.

If you have any questions or concerns, please contact support.

Tags: down time, email delivery, hardware, migration, reboot, smtp
Categories: Email, Maintenance, NC027
Comments Off

NC027: Server maintenance

28 April 2018 21:08:46 +0000

Server NC027 went down for maintenance at 21:05 UTC. We will post updates here as the work progresses and when the server is back online again.

Tags: down time, email delivery, hardware, migration, reboot, smtp
Categories: Email, Maintenance, NC027
Comments Off

NC027: Blacklist update

27 April 2018 12:53:35 +0000

Good news! NC027‘s IP address has been removed from the blacklist it was in, so at 12:41 UTC we switched mail processing back to the primary server. NC027 is in no blacklists of which we are aware.

Please note that the events of the last couple of days have pushed the notices we issued of upcoming scheduled maintenance on three of our servers down the page. If you have missed them please see:

NC027: Addition of disk space (Saturday)
NC023, NC027 and NC031: Spectre maintenance (Tuesday and Wednesday next week)

Thank-you for your patience over the last 24 hours. If you have any questions or concerns, please do let us know.

Tags: email delivery, smtp, spam
Categories: Email, NC027
Comments Off

NC027: Blacklist situation

27 April 2018 06:13:40 +0000

As explained yesterday, a client’s compromised email account sent out thousands of spam emails before it was detected and stopped. This has happened before, but the circumstances this time are different.

Most blacklists are automated, both in adding IP addresses to the blacklist and in removing them. This is a double-edged sword. On the plus side, IP addresses that are the source of spam are quickly added, making it less likely that spam will get through in subsequent attempts from the same IP address. Most, if not all, automated blacklists then remove the bad IP address fairly quickly after the spam stops. They realise that stuff happens, and when the spam stops they assume the problem is fixed and remove the IP address. There is short-term pain, but it’s measured in hours and the block is generally removed within your business day.

On the negative side, organisations and people that run blacklists are generally unwilling to manually remove IP addresses before they automatically expire. In and of itself this isn’t actually a bad thing; many blacklist wouldn’t be able to function if they had to field pleas and demands that IP addresses be removed. Quick, automated removal when the problem that caused the listing in the first place is fixed is the cure.

Unfortunately this situation has exposed a blacklist that actually seems to be designed to punish mail servers that have had a temporary problem, even after the problem has been stopped. This is unusual in our experience, as it makes the blacklist less useful, by blocking legitimate email long after the problem has been addressed. Information on their website states that it could be “a week or more” before an IP address is removedif they determine the spam outbreak to be severe enough — without defining “severe” — even though it has stopped. And since the addition and removal of IP addresses is automated, “you cannot” get your IP address removed manually. Full stop.

Since this blacklist is still blocking our mail server’s IP address almost 24 hours later, at 05:01 UTC we started relaying all mail sent by clients through our relay mail server (NC023), which has a different IP address. We will continue to monitor the blacklist in question and reverse this once our IP address is removed.

It seems that most of the mail servers we’ve seen using this blacklist are in South Africa. Mail bounced using this blacklist will show a message like the following, using real email addresses, domains and IP addresses of course:

<destination@example.com>: host something.co.za[1.2.3.4] said:
    550-rejected because 212.71.255.195 is in a black list at
    truncate.gbudb.net 550 http://www.gbudb.com/truncate/ [212.71.255.195]
    (in reply to RCPT TO command)

If you’ve seen this, we suggest that you contact the person to whom you sent the email and suggest that they tell their hosting company that they should stop using blacklists that don’t operate within the norms of most blacklists. Feel free to point them to this blog post.

With all of the above said, we will be setting up a new mail server and migrating all accounts to it within the next couple of weeks. The new server will be better equipped to spot and stop these outbreaks automatically before they become “severe”.

As always, we appreciate your patience, and we also appreciate those clients that keep their anti-virus software up to date. If you have any questions, please feel free to contact us. Thank-you.

Tags: email delivery, smtp, spam
Categories: Email, NC023, NC027
Comments Off

NC027: Spam cleaned up

26 April 2018 11:22:13 +0000

We have cleaned up the mail server (NC027) after an email account was compromised. This has resulted in the mail server being placed in at least one blacklist. The email account in question has been disabled pending resolution by the client of the root cause of this issue, but it will be a few hours before restrictions on our primary mail server’s IP address put in place by this blacklist expire.

These incidents usually arise after a client’s computer has been infected with a virus. The virus then sends the email password back to the person or organisation controlling the virus, and they then use that information to compromise that email account on the mail server, using it to send thousands of spams from the account. Please ensure that you install, use and update an anti-virus program on your computers and any other devices to ensure that this doesn’t happen to your email account.

We apologise for this incident. Please contact us if you have any questions. Thank-you.

Tags: email delivery, smtp, spam
Categories: Email, NC027
1 Comment »

NC027: Addition of disk space

25 April 2018 11:53:31 +0000

Due to the growing need for more and bigger email accounts, we need to add more disk space to server NC027. This will require us to take the mail server offline during our regular weekly maintenance window for approximately four hours starting at 20:00 UTC on Saturday 28 April 2018. (Please click that link to determine when this will be in your time zone.)

During this maintenance you will not be able to send or receive email. Incoming email to your domain will be held on the sending servers until our mail server is back online, and will then be delivered to your accounts. No email will be lost.

Please note that email to NinerNet will also be down during the maintenance on server NC027.

This is phase one in a two-phase plan to ensure that long, disruptive maintenance windows like this become a thing of the past. We will post more details about this in the coming days.

Tags: down time, email delivery, hardware, migration, reboot, smtp
Categories: Email, Maintenance, NC027
2 Comments »

NC023, NC027 and NC031: Spectre maintenance

25 April 2018 11:41:21 +0000

Per our previous blog post, three of our servers will be updated to address variants 1 and 2 of the Spectre vulnerability per the following schedule (start times) in chronological order:

NC027: 23:00 UTC on Tuesday 1 May 2018 (DONE)
NC031: 05:00 UTC on Wednesday 2 May 2018
NC023: 20:00 UTC on Wednesday 2 May 2018

As with the previous upgrades for the Meltdown vulnerability, the maintenance windows for each are two hours long, but we expect that each server will be down for much less than that. During the Meltdown maintenance the servers were down for between 13 and 19 minutes, and we expect much the same this time around.

Please click the links above to determine when this will be in your time zone.

During the maintenance of servers NC023 and NC027 you will not be able to send or receive email. Incoming email to your domain will be held on the sending servers until our mail server is back online, and will then be delivered to your accounts. No email will be lost. Please note that email to NinerNet will also be down during the maintenance on server NC027.

During the maintenance of server NC031 your website will be inaccessible, both to you and the public.

Tags: down time, email delivery, hardware, mail relay, reboot, smtp, web server
Categories: Maintenance, NC023, NC027, NC031
2 Comments »

NC023 and NC027: Maintenance complete

19 January 2018 03:30:26 +0000

Server NC023 was down for maintenance between 03:00 and 03:18 and server NC027 was down for maintenance between 03:02 and 03:15, and both have been successfully updated with current patches. This phase of the maintenance protects against Meltdown; further maintenance for protection against Spectre will take place when patches for it have been developed.

Updates will be posted here.

Tags: down time, email delivery, hardware, mail relay, reboot, smtp
Categories: Email, Maintenance, NC023, NC027
Comments Off

NC023 and NC027: Emergency server maintenance

18 January 2018 02:54:25 +0000

Per our previous blog post, the next of our servers to undergo updating are NC023 (the relay server) and NC027 (the primary mail server). The maintenance windows for each are two hours’ long, but we expect that each server will be down for much less than that.

The maintenance window for both starts at:

03:00 UTC on Friday 19 January 2018

Please click the link above to determine when this will be in your time zone.

During the maintenance you will not be able to send or receive email. Incoming email to your domain will be held on the sending servers until our mail server is back online, and will then be delivered to your accounts. No email will be lost.

Please note that email to NinerNet will also be down during the maintenance on server NC027.

Tags: down time, email delivery, hardware, mail relay, reboot, smtp
Categories: Email, Maintenance, NC023, NC027
Comments Off

System	Status	Ping
NC023	Internal	Up?
NC028	Internal	Up?
NC031	Internal	Up?
NC033	Operational	Up?
NC034	Internal	Up?
NC035	Operational	Up?
NC036	Operational	Up?
NC040	Internal	Up?
NC041	Operational	Up?
NC042	Operational	Up?