January 2005 - Posts

Important: For all IMail users - v6net blacklist compromised
25 January 05 08:32 AM | alexcampbell | with no comments

One of the spam blacklists that are built in to IMail has been compromised by spammers (spammers.v6net.org).  They've changed the blacklist to report positive for all addresses.

Judging by the WHOIS data, the domain expired on 21/1/2005 and was taken over by Bealo Group (known domain squatters / spammers) shortly thereafter.  The website at http://www.v6net.org has links to a whole lot of sites that look very likely to be sources of spam.

It's pretty important that you disable this list from your IMail configuration, otherwise you'll be getting about 100% false positives.

The inmates are running the asylum!
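A health check that catches this failure mode, as an added example (not from the original post and not part of IMail): RFC 5782 requires an IPv4 DNSBL to list 127.0.0.2 and never list 127.0.0.1, so any answer for 127.0.0.1 means the zone is answering for everything. The zone `dnsbl.example` and the three stand-in lookup functions are constructed for the demonstration.

```python
import socket

def query_name(ipv4, zone):
    """DNSBL query name: the address's octets reversed, then the zone."""
    return ".".join(reversed(ipv4.split("."))) + "." + zone

def system_lookup(name):
    """A records for name via the system resolver; [] when nothing is returned.
    A resolver error is also reported as [], so alert on "dead" as well."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def dnsbl_health(zone, lookup=system_lookup):
    """Classify a DNSBL zone using the RFC 5782 test addresses."""
    never_listed = lookup(query_name("127.0.0.1", zone))
    always_listed = lookup(query_name("127.0.0.2", zone))
    if never_listed:
        # Any answer here means every sender would be treated as listed.
        return "lists-everything"
    if not always_listed:
        # The mandatory test entry is missing: the list is no longer served.
        return "dead"
    if not all(a.startswith("127.") for a in always_listed):
        # DNSBL return codes live in 127.0.0.0/8; anything else is suspect.
        return "unexpected-answer"
    return "ok"

# Constructed resolvers standing in for three states of a list.
def healthy_lookup(name):
    return ["127.0.0.2"] if name == "2.0.0.127.dnsbl.example" else []

def answers_everything_lookup(name):
    return ["192.0.2.10"]  # constructed address from the documentation range

def dead_lookup(name):
    return []

if __name__ == "__main__":
    for label, fn in [("healthy", healthy_lookup),
                      ("answers everything", answers_everything_lookup),
                      ("dead", dead_lookup)]:
        print(label, "->", dnsbl_health("dnsbl.example", fn))
```

Run against each configured list on a schedule with the default `system_lookup`, and disable any list that does not return `ok`.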

Web Hosting: Panix domain name hijack revisited
19 January 05 12:30 PM | alexcampbell | with no comments

This doesn't surprise me.  It turns out that Melbourne IT was responsible for the screw-up that led to Panix's domain name being hijacked.  Also, there are serious questions being asked about Melbourne IT's responses to the incident.

Bruce Tonkin (CTO of Melbourne IT) has admitted their fault in this matter.

> In the case of panix.com, evidence so far indicates that a third party
> that holds an account with a reseller of Melbourne IT, fraudulently
> initiated the transfer.   The third party appears to have used stolen
> credit cards to establish this account and pay for the transfer.  That
> reseller is analysing its logs and cooperating with law enforcement.
> There was an error in the checking process prior to initiating the
> transfer, and thus the transfer should never have been initiated.  The
> loophole that led to this error has been closed. 

I hope that ISPs and web hosting companies across the world unite in an effort to have Melbourne IT's registrar status revoked by ICANN.

Web Hosting: IPSentry issue to keep in mind
19 January 05 08:25 AM | alexcampbell | with no comments

We use IPSentry to monitor our web hosting servers.  It's currently running on a machine with IMail and a few other applications.

Every now and then it would fail all the HTTP monitors, and also fail to send us email alerts.  It would report an error message "no buffer space available" which looks to be coming up through VB runtime from Winsock.  This was a pretty major concern!

I emailed IPSentry support who were very helpful, and mentioned this in an email:

> From various posts I have seen in many forums, IMail's built-in monitoring service has a memory leak and may be the culprit.

I've disabled the IMail monitoring service so hopefully the issue is resolved now.

Web Hosting Nightmare - Windows Update
17 January 05 05:24 PM | alexcampbell | 4 comment(s)

I've just restarted our hosting servers after installing the latest Windows 2003 Server updates on them.  It drives me mad that they still require reboots.  It seems that these updates need to be installed every few days so this indicates to me that we're back to the old Windows NT 4.0 Server days where we'd just schedule a reboot every 48 hours.  I'm not brave enough to leave a machine unpatched for more than a few hours, particularly when it is so exposed to the internet.

Surely not all of these updates require a complete reboot of the machine?  A patch to IIS should just restart the service.  An update for Explorer.exe should just kill the process and restart it (after warning the user!).  Security fixes to the TCP/IP stack should stop and start Windows' network sub-system.

The fact that modern high-end servers take so long to reboot (initialising RAID arrays, POST checks etc) makes this problem much more painful.  The difference between 5 minutes of downtime and 15 minutes of downtime is enormous.

I have two choices:

1) Install the updates and reboot before I go home at 6.30 PM.  I'll then hang around until all our automated monitors report green (success).  This frustrates our clients if they are still at work, and seems like a pretty unprofessional solution.

2) Install the updates and reboot over VPN from home in the middle of the night.  This seems like a good idea but if a server doesn't come up clean (some idiot left a bootable CD-ROM in the drive?) then I have to get dressed and catch a cab to the office and ruin my night.

How does everyone else involved in Windows hosting solve this problem?  It seems like a problem Microsoft should really work on in their next generation of server products.  I guess clustering would help - we could update and reboot half the servers at a time.  But this is a pretty drastic and expensive solution for what seems to be a simple problem.

Funny and accurate description of the DNS system
17 January 05 12:32 PM | alexcampbell | 1 comment(s)

> There are so many structural things wrong with the mechanisms this is
> about like asking how to write cat in perl.

from http://www.merit.edu/mail.archives/nanog/msg04316.html

Panix.com hijack: A frightening reality
17 January 05 06:58 AM | alexcampbell | 2 comment(s)

I've been reading at Slashdot and NANOG about how someone has hijacked Panix's DNS.  Panix is a large ISP in New York.  The hijacking will cost them thousands of customers and millions of dollars.  This is truly terrifying, and what makes it scarier is that it looks as though Melbourne IT are the ones who fucked it up.

This doesn't surprise me.  Every time I deal with Melbourne IT their staff strike me as arrogant and uninformed.  They don't have 24 hour support.  They have 30 minute waits on their support lines during business hours.  They blame everything on the customer.

I'm particularly concerned by this because I'm involved with running the web hosting at http://dtdesign.com.au and most of our domains go through Melbourne IT.  I'll certainly be spending time today reviewing their procedures and seeing what I can do to secure our domain names.

A new perspective on the value of software documentation
16 January 05 07:20 PM | alexcampbell | 3 comment(s)

This is apparently an extract from a memo written by Philip Greenspun.  I guess it is supposed to illustrate the value of software documentation.

"On to Prague... Just NW of the city is Therezin, a good illustration
of the power of documentation. During WWII the entire town was turned
into a concentration camp for Jews. The Red Cross was invited in
periodically to inspect the camp and found that everyone was happy and
enjoying life in a little self-governing Jewish municipality. The Red
Cross didn't dig too deeply or go anywhere without an SS guide.
Eventually the Red Cross lost interest and the Germans were free to
send virtually all of the Therezin Jews to their deaths in Auschwitz,
Treblinka and Bergen-Belsen.

The killing of 6 million Jews was like a software product. It ran
continuously, was expensive, and involved a lot of messy details
(where to find trains, coping with complaints from neighbors about the
smell of burning flesh 24 hours/day, what to do with all the hair
shaved off prisoners' heads (mattress factories were built and many
Germans slept for decades after the war on human hair), etc.).
Theresienstadt is like documentation. It was used by the appointed
experts (CTOs) to evaluate the quality of the Nazi's concentration
camp system for Jews (Germany's product). It was used intermittently
for awhile and once everyone was happy with the program it was no
longer used.

Bottom line: by maintaining a city for a few tens of thousands of
people, the Germans were able to convince the world that the
concentration camp system was just fine. Therezin was about 1% of the
effort of the overall Final Solution but it turned out to be well
worth it."

Although the analogy is kind of clever, this is an amazingly inappropriate thing to write.  A guy as intelligent as Philip should know better.
