17-Oct-2007

MySQL crashed – again
Just after posting the Babelfish interpretation of “Flushing Cache”, MySQL server went down. This time, it took a few hours to get up again – because I had no access to the systems. It’s been pretty much the same: value 12, “not enough core”, this time on read.
Reverse changes
I took the chance to reverse a few changes made in favour of the IDE server for Distributed NetBeans and WEBES and lowered some of the system parameters that were increased as their requirement, but since RdB is to be installed some day, I kept an eye on the requirements. The only one that needed a permanent increase compared to the original settings is CHANNELCNT – set to 2050, just less than twice the original amount. The rest have been restored to the original.
Next I rebooted Diana (some of them are not dynamic) but something strange happened: It looks like some command procedure has “SET VERIFY” in it and the whole listing was spit out on the screen. MySQL was started but the remains of the procedure seemed to be bypassed. Running it separately revealed no troubles at all, so what happened here, I don’t know. The log didn’t show anything either….
But the system is now working again.

Paypal phishing attempt blocked

The phishing attempts are now blocked by the anti-spam gateway, so they no longer arrive in any of my mailboxes. Which, of course, is the intended use, plus it allows a closer look at the message code without having the message actually delivered.

This one came in a few days ago:

<p><b><font face="Verdana" size="2">You are required to upgrade your PayPal
Account by subscribing to our New Security Center.</font></b></p>
<p><font face="Verdana" size="2">Please <b> <a href="http://202.67.156.66/www.paypal.com/cgi-bin/webscrcmd=_login-run/update.php">click here</a></b> in order to upgrade your PayPal account.</font></p>
<p><font face="Verdana" size="2">If you not perform the update now, your account will be placed on hold. On hold accounts can still send money, but they cannot withdraw or receive funds.</font></p>

Mind the hyperlink-address:

http://202.67.156.66/www.paypal.com/cgi-bin/webscrcmd=_login-run/update.php

This is NOT a paypal address.

PMAS signalled this – as is shown in the message header:


Received: from unknown ([72.54.216.109] EXTERNAL) (EHLO mail.iei-web.net) by
xxxxxxxxxxxxxxxxxxxx ([192.168.0.200]) (PreciseMail V3.0); Sun, 07 Oct
2007 06:41:42 +0100
Received: from User [62.14.249.101] by iei-web.net with ESMTP (SMTPD-9.10) id
A0F40294; Sat, 06 Oct 2007 23:39:00 -0600
Reply-To: <member_service@paypalsecurity.com>
From: "PayPal Inc."<member_service@paypalsecurity.com>
Subject: New Paypal Security Center: Update Your Account
Date: Sun, 7 Oct 2007 07:40:01 +0200
MIME-Version: 1.0
Content-Type: text/html; charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <200710062339882.SM03048@User>

What are the findings:


X-PMAS-External: unknown [72.54.216.109] (EHLO mail.iei-web.net)
X-PMAS-Software: PreciseMail V3.0 [071006] (diana.GROOTERSNET.NL)
X-PMAS-DYN_URI-OK_URL: Dynamic URI check: OK URL (0.000)
X-PMAS-VMF-OK: Envelope FROM: check: Source accepts mail for address (0.000)

Quite well so far – except the “unknown” external address.
But now the problems show up:


X-PMAS-HDR-MISSING_HEADERS: Missing To: header (1.035)
X-PMAS-HDR-CTYPE_JUST_HTML: HTML-only mail, with no text version (1.500)
X-PMAS-HDR-RCVD_FROM_UNKNOWN: Message received from host without DNS entry (4.000)
X-PMAS-HDR-NO_SPACE_FROM: From: header is poorly formatted (no space) (5.000)
X-PMAS-URI-NORMAL_HTTP_TO_IP: Uses a dotted-decimal IP address in URL (0.942)
X-PMAS-URI-IP_LINK_PLUS: Dotted-decimal IP address followed by CGI (0.708)
X-PMAS-META-FORGED_OUTLOOK_HTML: Outlook can't send HTML message only (1.101)
X-PMAS-META-MISSING_BODY_TAG: Message has </BODY> tag, but no <BODY> tag (3.000)
X-PMAS-META-MISSING_HTML_TAG: Message has </HTML> tag, but no <HTML> tag (3.000)
X-PMAS-META-FORGED_OUTLOOK_TAGS: Outlook can't send HTML in this format (5.000)

You learn something new every day


X-PMAS-META-NO_HTML_BEGIN: Message has </html> but not <html> (3.500)
X-PMAS-META-PHISHING_01: Message is a phishing scam (50.000)
X-PMAS-META-PHISHING_03: Message appears to be a PayPal phishing scam (20.000)
X-PMAS-META-LAME_PAYPAL_SCAM: Claims to be from PayPal, but no PayPal URIs (20.000)

I thought so 🙂


X-PMAS-META-CLICK_BELOW: Asks you to click below (0.727)
X-PMAS-META-BLIND_DATE3: Blind date spam (3) (20.000)
X-PMAS-Final-Score: 139.513
X-PMAS-Spam-Level: ********************+
X-PMAS-Spam: Yes

Apart from that, there is something unusual for PayPal: no addressing header (it should use your PayPal name).
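
The URI findings above (a dotted-decimal IP as the link host, the PayPal name appearing only in the path, and a message claiming to be from PayPal without a single PayPal URI) can be reproduced with a few lines of Python. This is an added example, not PMAS code; the function names, the finding labels and the trusted-domain list are assumptions made for the illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("paypal.com",)  # assumption: hosts treated as genuine PayPal

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def host_is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def host_is_trusted(host):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def check_message(from_header, html_body):
    """Return (finding, detail) pairs for one message."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings, trusted_seen = [], False
    for url in parser.links:
        parts = urlsplit(url)
        host = parts.hostname or ""
        if host_is_trusted(host):
            trusted_seen = True
            continue
        if host_is_ip(host):  # dotted-decimal IP instead of a name
            findings.append(("ip_host", url))
        if any(d in parts.path.lower() for d in TRUSTED):  # brand only in path
            findings.append(("brand_in_path_only", url))
    if "paypal" in from_header.lower() and not trusted_seen:
        findings.append(("claims_paypal_no_paypal_uri", from_header))
    return findings

# Sample input: From: header and link copied from the message shown above.
FROM = '"PayPal Inc."<member_service@paypalsecurity.com>'
BODY = ('<p>Please <b> <a href="http://202.67.156.66/www.paypal.com/cgi-bin/'
        'webscrcmd=_login-run/update.php">click here</a></b></p>')
```

Calling `check_message(FROM, BODY)` returns all three findings for this message, while a message whose link really points to a host under paypal.com returns none.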