New Year cleanup
2018’s last mail statistics:
PMAS statistics for December
Total messages : 2269 = 100.0 o/o
DNS Blacklisted : 0 = .0 o/o (Files: 0)
Relay attempts : 270 = 11.8 o/o (Files: 31)
Accepted by PMAS : 1999 = 88.1 o/o (Files: 31)
Handled by explicit rule
Rejected : 1374 = 68.7 o/o (processed), 60.5 o/o (all)
Accepted : 142 = 7.1 o/o (processed), 6.2 o/o (all)
Handled by content
Discarded : 289 = 14.4 o/o (processed), 12.7 o/o (all)
Quarantained : 169 = 8.4 o/o (processed), 7.4 o/o (all)
Delivered : 25 = 1.2 o/o (processed), 1.1 o/o (all)
Just one day with a larger amount of relay attempts – as usual, it seems, using bogus grootersnet.nl senders from Hostwinds.com, trying to reach that single gmail address:
14-DEC-2018 01:03:27.69 - 01:07:32.90 (242 entries) from 108.174.197.195
All files that were created in 2018 have now been moved to their archive directory, ready to be stored offline.
Blocked sites
The last few weeks there is a new spammer on the block, sending via, or from, Amazon AWS servers. Also, some AWS connections were trying to access the webserver with over 50 connections, port by port. What I found out in the logfiles, have now been blocked in the router, in order to block that type of applications altogether, when arriving via Amazon.
This has been done with quite a number of sites last year, causing a significant drop in spam messages, but the router could be quite busy when these sites try to get in continuously. The plan is to notify these (otherwise well-behaving) providers that their systems are used by ill-behaving clients, but whether that will prevent problems remains to be seen.
DHCP trouble
Last week, I tried to cleanup DHCP a bit, because there should be one address for most services: the cluster alias. But where this works fine, it made the DHCP server non-responsive. No errors, no logging, it just didn’t react on requests. So I revered one or two settings to be Diana, and now it does work again… In retrospect, I may have known: the default location of the protocol-environment is SYS$SYSDEVICE:[TCPIP$DHCP] where other services reside on SYS$SPECIFIC:.