Posted on by SYSMGR

01-Jan-2018

Cleaning up 2017
The new years starts with some house-keeping of last year. No surprises, mail is still mostly rubbish:

PMAS statistics for December
Total messages    :   3082 = 100.0 o/o
DNS Blacklisted   :      0 =    .0 o/o (Files:  0)
Relay attempts    :    405 =  13.1 o/o (Files: 31)
Accepted by PMAS  :   2677 =  86.8 o/o (Files: 31)
  Handled by explicit rule
         Rejected :   1836 =  68.5 o/o (processed),  59.5 o/o (all)
         Accepted :    171 =   6.3 o/o (processed),   5.5 o/o (all)
  Handled by content
        Discarded :    445 =  16.6 o/o (processed),  14.4 o/o (all)
     Quarantained :    204 =   7.6 o/o (processed),   6.6 o/o (all)
        Delivered :     21 =    .7 o/o (processed),    .6 o/o (all)

Just two days show a larger amount of relay attempts:

  • 14-DEC-2017 03:26:10.51 to 03:29:14.29 (190) (23.254.204.176)
  • 22-DEC-2017 04:20:08.50 to 04:24:03.01 (184) (104.168.134.210)

    • trying to send a mail from a (bogus user)@grootersnet.nl to 1029mandaditos@gmail.com, both addresses are owned by Hostwinds.com. Quite possible that the router should have blocked them, since I’ve blocked addresses from Hostswinds.com there, but it is possible that these addresses are not properly set (both are /17 addresses according analysis, and since the sender address is forged, so could be the sender address…)
    Anyway, I notified hostwinds.com of these attempts – there have been similar attempts in November).

    BTW: A (real user)@grootersnet.nl to any other outside address will fail as well, since PMAS has a rule to reject any grootersnet.nl sender from outside the local domain…

    Next is a manual job: Moving all 2017 data into one location. That’s the next job tonight.

    Failed certification renewal
    There were a few things to do here.
    First, I needed to update WCME, I was still running the first version (1.0.0) and a new one (1.2.0) was already downloaded but never moved to VMS and installed there. So that was the first activity to do. Next, it failed – again – even after replacing the INSTALLed executable. As it turned out, it was a matter of directory access protection. After that, genealogy.grootersnet.nl got a new one, but webmail and homedesk failed again – due too many failed renewals. So I have to wait some time and retry. But since genealogy.grootersnet.nl does have the new certificate, I guess these two will be renewed as well soon.

    Leave a Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.