Category Archives: Tidymail - Page 3

Notice of Emergency Downtime for post.wizards.co.uk

We will be taking the machine hosting the post.wizards.co.uk outbound email service down tomorrow afternoon (Sunday 29th Nov).

This is to allow us to replace a failed disk and perform preventative maintenance on the server.

We expect the downtime to commence sometime around 15:00 and last for a couple of hours. The outage may be shorter as part of the work has already been performed on the replacement disks.

During the outage it will not be possible to send email if you are configured to use post.wizards.co.uk as your outbound SMTP server.  As an alternative you could configure your outbound to use post.tidymail.co.uk, but you must also have a client that can authenticate when it sends. Details of configuring common clients along with technical details for other clients can be found on our Configuring Your Client For Tidymail page.

Server Reboots – 2009-11-22

Just to let you know that next Sunday, 22nd November during the afternoon we will be rebooting the machines that handle email.

This will allow us to boot with an updated kernel which has a number of security fixes we regard as needed.

The outage should last less than 10 minutes for each machine, and we will only reboot one machine at a time to ensure that incoming email is not blocked. Doing this means no inbound email will be lost, only that for the duration of the reboot your will not be able to collect email.

WARNING – Phishing attempts

We have noted that some of our customers are receiving email purporting to be from ourselves claiming they are over their storage limit and that they need to reply with their account details including password to resolve the storage issue.

These emails are not from us and should be deleted.

We will not ask for your email passwords, ever.

Subject: Your mailbox has exceeded the storage limit.
Date: Tue, 10 Nov 2009 08:43:42 -0800
From: ServiceHelp Desk <admin@webmail.org>
Reply-To: adminwebct@tmail.tv
To: undisclosed-recipients:;

Dear Webmail Account User,

This message was sent automatically by a program on Webmail admin center
which periodically checks the size of inbox, The program is run
automatically to ensure no user inbox grows too large. If your inbox
becomes too large, you will be unable to receive new emails. Just before
this message was sent, you are currently running on 20.9 GB, You have has
exceeded the storage limit which is 20GB.

To help us re-set your Account SPACE on our database prior to maintain
your INBOX, you must reply to this e-mail providing us your the Below
information:

E-mail ( ... ...... ...  ... ... ... ...  ... ... ... ...  ... ... ... ... )
Username/ID ( .all.. ... ... ... ... ...  )
Current Password ( ... ...... ... ) Retype Password: ( ... ...... ... )

From this point you will be unable to receive new email as it will be
returned to the sender, Provide the above information to enable us help
reset your webmail immediately.

NOTE: Your Webmail Account Expire in Three (3) Days. After you read this
message, it is best to REPLY with the required information to upgrade
MailBox. Reply to this message immediately to Re activate your Account.

Thank you for your cooperation.
Webmail Help Desk. System Administrator
-------------------------------------------------

Refinements to URL scanning

We made a few adjustments to the URL scanning code in the past couple of weeks to allow it to be more effective as the spammers mutate to avoid earlier block techniques.

  • We added a number of handlers to spot redirectors.
  • We’ve adjusted the list of tell-tales that accompany trojan executables
  • Improved spotting of Image-Only spam.
  • Greater range of countries and formats for telephone numbers.

We’ve got a few more steps before we can administer the spammed telephone numbers via our management interface but for the time being we’ve added a selection of the more egregious examples to the database manually.

New blocking for phish & virus

We’ve just rolled out new code to block certain spam message types which either contain newly morphed trojans or point to sites which ask you to download trojans under false pretences, or just infect your machine if you visit.

The most recent types of these have been

  • “Server upgrade” pointing to updates.yourdomain.dodgydomain/…./…exe
  • Western Union Money Transfer
  • DHL Express Services undelivered parcel
  • 123greetings.com ecards
  • HMRC Unreported/Underreported Income

Needless to say none of these actually come from the companies and institutions involved.

Our apologies to our customers who have received these sorts of email prior to this rollout. We always endeavour to avoid inaccurate blocking so before making these sorts of change we have to check carefully that these filters don’t have an adverse effect on genuine email.

And if you are still getting these sorts of email do please let us know at the helpdesk address.

Drop-off

The number of connections to both our primary and (mainly) secondary MX’s dropped by about 50% about 11pm local on Friday.  Perhaps a major spammer has been knocked off?  The effect is quite clear on the front-page graph – we’re accepting mails from a far higher percentage of connections now, merely because the total is less.

Update, Monday:

Hah!  They were trying to fool us.  7:30 this morning, back they come,

Downtime last weekend & Missing emails

This a short post to cover the basic of the events over the last 72 hours. Once I’ve caught up on some sleep I’ll go over this posting and prepare another if there’s anything I missed. Read more »

Emergency Downtime – 2009-07-05

We are going to be taking an outage on our primary machines this Sunday to replace some disks that are being problematic.

We will take each machine down in turn to ensure that there is always a machine for incoming email, but mail will not be available to fetch/read whilst your primary machine is down.

This is a precautionary measure as we have properly configured RAID systems to ensure availability so no data will be lost and these drives could normally be replaced without downtime, but we have some configuration updates to install that will require at least a reboot so we are combining the events to minimise the downtime.

The outages will commence sometime after 14:00 on Sunday and we hope to complete by 18:00 though some overrun on individual services may occur.

Announcing new beta Webmail service

We have just introduced the beta-test version of a new webmail system for all Tidymail users.

The service is based on the prayer webmail program, with some adjustments for our environment.

So, please try out the new service and let us know what you think by mailing us at helpdesk@tidymail.co.uk

** Update **

This beta service is now closed.

Image-Only Spam Blocking

We’ve just rolled out a new feature. Image-Only Spam Blocking.  This is a method of spotting the resurgence of image-based spam where there is no accompanying text or clickable links, but where the spammers include the name of the site in the image itself sometimes with a help section explaining how to type the URL into your browser.

This is currently enabled as part of the URL blocking code which works on the clickable links.

css.php