Category Archives: Wizmail - Page 2

Rejects search facility

We’ve added a facility for Wizmail (not Tidymail yet) users to search for items for them which were rejected.  Most of these should be spam, but if you’ve been expecting a particular item which has not arrived, or if you just want to get a general flavour of the spam we’re rejecting on your behalf, the information is there.  It’s pretty raw, being just lines selected from our logs.

This is only a beta service; we might change it or withdraw it once we have some experience of how well (or not) it works.  One thing it will not show is rejects where we decided we didn’t like the sending system even before it got as far as telling us the item recipient.  It doesn’t handle aliases or catchalls either.

To use the service you must have your mail client configured to authenticate, so that we know what name to search the logs for.  Send a mail to rejectlog@wizmail.org – the subject and content will be ignored and can be blank.  You should get sent a mail with selected lines from our logs.

Each line should include a date & time, an IP address in square brackets (of the sending system) and a sender name in the form F=<user@domain> (NB: this is the envelope from, not the header from).  There should also be a reason for rejection.

We’ll be interested in your comments on this facility.   Mail to helpdesk@wizmail.org

If all goes well we’ll roll out to Tidymail soon.

Additional – it turns out to be a really good idea to put pcmsuser@wizmail.org as a known-address, with an accept on it.  Otherwise, a URL or phone-number which caused a content-based rejected, and got logged, will result in the rejection of the mail containing the log lines….

Webmail Updates

Following our system update this weekend we have retired the sqwebmail service.  This has been replaced by the roundcube webmail service that was previously in beta.

The old URL for sqwebmail should automatically redirect to the new service at https://wizmail.org/webmail/

Please let us know about any problems you may experience with the new service by contacting us at helpdesk@wizmail.org

New Webmail Beta – Roundcube

We are pleased to announce a new beta webmail service – Roundcube.

This new webmail service can be found by following the Read Mail – * BETA * link on the Wizmail front page.

Read more »

Withdrawl of Prayer beta webmail service

The beta webmail service we had been running, ‘Prayer’, has been withdrawn with immediate effect.

We have been reviewing its usability and have concluded that does not provide sufficient user facilities over the existing offering, nor does it provide suitable administration capability particularly when trying to diagnose user problems.

We would like to thank all our users who tried it.

Notice of Emergency Downtime for wizmail.org

We will be taking the machine hosting the main wizmail.org email service down tomorrow afternoon (Sunday 29th Nov).

This is to allow us to replace a failed disk and perform preventative maintenance on the server.

We expect the downtime to commence sometime around 15:00 and last for a couple of hours. The outage may be shorter as part of the work has already been performed on the replacement disks.

During this time it will not be possible to send or receive email, though any inbound email will be queued on the alternate inbound server during the outage and will be delivered to your inboxes as soon as the main server is back.

Server Reboots – 2009-11-22

Just to let you know that next Sunday, 22nd November during the afternoon we will be rebooting the machines that handle email.

This will allow us to boot with an updated kernel which has a number of security fixes we regard as needed.

The outage should last less than 10 minutes for each machine, and we will only reboot one machine at a time to ensure that incoming email is not blocked. Doing this means no inbound email will be lost, only that for the duration of the reboot your will not be able to collect email.

WARNING – Phishing attempts

We have noted that some of our customers are receiving email purporting to be from ourselves claiming they are over their storage limit and that they need to reply with their account details including password to resolve the storage issue.

These emails are not from us and should be deleted.

We will not ask for your email passwords, ever.

Subject: Your mailbox has exceeded the storage limit.
Date: Tue, 10 Nov 2009 08:43:42 -0800
From: ServiceHelp Desk <admin@webmail.org>
Reply-To: adminwebct@tmail.tv
To: undisclosed-recipients:;

Dear Webmail Account User,

This message was sent automatically by a program on Webmail admin center
which periodically checks the size of inbox, The program is run
automatically to ensure no user inbox grows too large. If your inbox
becomes too large, you will be unable to receive new emails. Just before
this message was sent, you are currently running on 20.9 GB, You have has
exceeded the storage limit which is 20GB.

To help us re-set your Account SPACE on our database prior to maintain
your INBOX, you must reply to this e-mail providing us your the Below
information:

E-mail ( ... ...... ...  ... ... ... ...  ... ... ... ...  ... ... ... ... )
Username/ID ( .all.. ... ... ... ... ...  )
Current Password ( ... ...... ... ) Retype Password: ( ... ...... ... )

From this point you will be unable to receive new email as it will be
returned to the sender, Provide the above information to enable us help
reset your webmail immediately.

NOTE: Your Webmail Account Expire in Three (3) Days. After you read this
message, it is best to REPLY with the required information to upgrade
MailBox. Reply to this message immediately to Re activate your Account.

Thank you for your cooperation.
Webmail Help Desk. System Administrator
-------------------------------------------------

Refinements to URL scanning

We made a few adjustments to the URL scanning code in the past couple of weeks to allow it to be more effective as the spammers mutate to avoid earlier block techniques.

  • We added a number of handlers to spot redirectors.
  • We’ve adjusted the list of tell-tales that accompany trojan executables
  • Improved spotting of Image-Only spam.
  • Greater range of countries and formats for telephone numbers.

We’ve got a few more steps before we can administer the spammed telephone numbers via our management interface but for the time being we’ve added a selection of the more egregious examples to the database manually.

New blocking for phish & virus

We’ve just rolled out new code to block certain spam message types which either contain newly morphed trojans or point to sites which ask you to download trojans under false pretences, or just infect your machine if you visit.

The most recent types of these have been

  • “Server upgrade” pointing to updates.yourdomain.dodgydomain/…./…exe
  • Western Union Money Transfer
  • DHL Express Services undelivered parcel
  • 123greetings.com ecards
  • HMRC Unreported/Underreported Income

Needless to say none of these actually come from the companies and institutions involved.

Our apologies to our customers who have received these sorts of email prior to this rollout. We always endeavour to avoid inaccurate blocking so before making these sorts of change we have to check carefully that these filters don’t have an adverse effect on genuine email.

And if you are still getting these sorts of email do please let us know at the helpdesk address.

Emergency Downtime – 2009-07-05

We are going to be taking an outage on our primary machines this Sunday to replace some disks that are being problematic.

We will take each machine down in turn to ensure that there is always a machine for incoming email, but mail will not be available to fetch/read whilst your primary machine is down.

This is a precautionary measure as we have properly configured RAID systems to ensure availability so no data will be lost and these drives could normally be replaced without downtime, but we have some configuration updates to install that will require at least a reboot so we are combining the events to minimise the downtime.

The outages will commence sometime after 14:00 on Sunday and we hope to complete by 18:00 though some overrun on individual services may occur.

css.php