Maintenance and required updates
Last night’s maintenance run had no surprises:
PMAS statistics for September
Total messages : 4064 = 100.0 o/o
DNS Blacklisted : 0 = .0 o/o (Files: 0)
Relay attempts : 374 = 9.2 o/o (Files: 30)
Accepted by PMAS : 3690 = 90.7 o/o (Files: 30)
Handled by explicit rule
Rejected : 2873 = 77.8 o/o (processed), 70.6 o/o (all)
Accepted : 160 = 4.3 o/o (processed), 3.9 o/o (all)
Handled by content
Discarded : 380 = 10.2 o/o (processed), 9.3 o/o (all)
Quarantained : 262 = 7.1 o/o (processed), 6.4 o/o (all)
Delivered : 15 = .4 o/o (processed), .3 o/o (all)
A peak on relay attempts was on 05-Sep-2017: 350 times from address 220.127.116.11, using sender “firstname.lastname@example.org” trying to reach “email@example.com”, between 17:23:10.21 and 23:32:56.63. Except for one message, using sender address “firstname.lastname@example.org″ (does this one use DNS translation to get the domain name? Looks like it).
Anyway, this host is located in Mexico:
Hostname = fixed-187-188-81-84.totalplay.net
City = Naucalpan, Estado de Mexico MX
Latitude/Longitude = 19.4794,-99.2383
Postal Code = 53370
and WHOIS gave me:
Description:TOTAL PLAY TELECOMUNICACIONES SA DE CV
owner:TOTAL PLAY TELECOMUNICACIONES SA DE CV
responsible:Alejandro Enrique Rodriguez Sanchez
address:PERIFERICO SUR, 4119, FUENTES DEL PEDREGAL
address:14140 – TLALPAN – CX
phone:+52 xxxxxxxx 
just that period, no more.
The address is listed in a number of blacklists as spammer. No wonder if your relay is open…
But why try 350 times and in rather shorty bursts when every attempt does not succeed? Perhaps trying to cause mail service on a Linux server to fail. But PMAS has done a good job by refusing”grootersnet.nl” from outside my LAN.
Not on this box.
But before I could check the log, I had trouble logging in: username and password returned to the password prompt without message. The Powerterm session that is the actual Alpha console was not responsive – hadn’t been whole week. As it turned out, there was no physical connection: there is a pair of connectors in between and I probably stumbled into the cable and caused the to come loose, as well as the USB-based RS232-interface. Got that working again, and since I was logged in on this terminal, I could access the machine – and try a
$ Telnet 0 session. That failed: License expired. This makes sense since the expiration date of this license-2017 set was 30-Sep-2017. I thought I had installed the licens-2018 set (that came with the Itanium licenses) but it turned out I didn’t load the 2018 set, which is valid up to March next year. However, the file was already present on Diana so running it solved that problem.
A similar thing has happened on Daphne – the Personal Workstation – that I started up. The scripts didn’t exist there so I had to be somewhat creative:
$ Set time=yesterday
$ reboot ! (since the box is in a cluster, that will set time correctly)
Now I can get on on that machine to set up NxtWare (Samba needs to be installed with the older version)
Before entering this post, I updated WordPress to the latest version (4.8.2) and Akismet (4.0), changed the blog logicals accordingly – also in the startup script that sets them on boot. No issues.