03-Aug-2018

Maintenance and updates
Since the last post, there is a new version of WordPress, which I installed prior to this entry. No issues, as was to be expected (so far).
Last maintenance job had no surprises:

PMAS statistics for July
Total messages    :   2375 = 100.0 o/o
DNS Blacklisted   :      0 =    .0 o/o (Files:  0)
Relay attempts    :    485 =  20.4 o/o (Files: 31)
Accepted by PMAS  :   1890 =  79.5 o/o (Files: 31)
  Handled by explicit rule
         Rejected :   1469 =  77.7 o/o (processed),  61.8 o/o (all)
         Accepted :     91 =   4.8 o/o (processed),   3.8 o/o (all)
  Handled by content
        Discarded :    189 =  10.0 o/o (processed),   7.9 o/o (all)
     Quarantained :    126 =   6.6 o/o (processed),   5.3 o/o (all)
        Delivered :     15 =    .7 o/o (processed),    .6 o/o (all)

Just two days of over 150 relay attempts – from addresses owned by Hostwinds.com (USA) – as usual trying a random choice of “users” in the grootersnet.nl domain, sending to 1029mandaditos@gmail.com:

  • 6-JUL-2018 07:25:43.45 – 6-JUL-2018 07:31:34.10 from 23.254.167.136 (182 attempts)
  • 23-JUL-2018 21:15:57.79 – 23-JUL-2018 21:22:00.25 from 142.11.195.132 (185 attempts)

There has been another one this time:

  • 28-JUL-2018 05:22:48.21 – 28-JUL-2018 13:37:31.45 from 95.216.32.207 (75 attempts)

Again, using non-existing users in my domain, but this one seems to think this is a business site. The ‘users’ attempted were possible departments and (presumably privileged) users (some several times in a row), all trying to reach pastarleastan@gmail.com:
webmaster, postmaster, admin, backup, canon, contact, copier, mail, marketing, test1, test2, info, office, prueba, reception, root, sales, scanner, service, support, teste, vendas, warehouse and Xerox

    There is some controversy on this address when observing it via Robtex.com:

    95.216.32.207
    whois:    D2 Internet Investment Ukraine ETTH broadband
    route:    95.216.0.0/16
    bgp:      AS24940
    asname:   HETZNER-AS
    descr:    Dummy description for 95.216.0.0/16AS43659
    location: Ukraine
    ptr:      static.207.32.216.95.clients.your-server.de
    a:        95.216.32.207

    Could it be a hacked DNS server in Ukraine??
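
The per-address summaries listed above (first attempt, last attempt, source address, count) can be produced automatically from relay-rejection records. This is an added example, not the author's script and not PMAS output: the record layout, the `min_attempts` threshold and every sample line are constructed assumptions; only the VMS timestamp style is taken from the post.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample records, NOT real PMAS output. Assumed layout:
#   <VMS date> <VMS time> <source IP> <claimed local user> <relay target>
# All addresses and names are placeholders (RFC 5737 / example domains).
SAMPLE = """\
6-JUL-2018 07:25:43.45 192.0.2.10 kq3@example.nl drop@example.com
6-JUL-2018 07:26:10.02 192.0.2.10 zzt@example.nl drop@example.com
6-JUL-2018 07:31:34.10 192.0.2.10 abx@example.nl drop@example.com
9-JUL-2018 11:02:00.00 198.51.100.7 info@example.nl other@example.org
28-JUL-2018 05:22:48.21 203.0.113.5 admin@example.nl box@example.com
28-JUL-2018 13:37:31.45 203.0.113.5 admin@example.nl box@example.com
"""

def parse_vms_time(date_part, time_part):
    # VMS absolute time: D-MMM-YYYY HH:MM:SS.cc (hundredths of a second).
    # strptime matches the upper-case month case-insensitively (English locale).
    return datetime.strptime(f"{date_part} {time_part}", "%d-%b-%Y %H:%M:%S.%f")

def summarize(lines, min_attempts=50):
    """Group relay attempts per source IP and report each burst."""
    by_ip = defaultdict(list)
    for line in lines:
        fields = line.split()
        if len(fields) != 5:
            continue  # skip blank or malformed records
        date_part, time_part, ip, user, target = fields
        by_ip[ip].append((parse_vms_time(date_part, time_part), user, target))
    bursts = []
    for ip, events in by_ip.items():
        if len(events) < min_attempts:
            continue  # below the (assumed) reporting threshold
        events.sort()
        first, last = events[0][0], events[-1][0]
        bursts.append({
            "ip": ip, "first": first, "last": last,
            "attempts": len(events),
            "duration_s": (last - first).total_seconds(),
            "distinct_users": len({e[1] for e in events}),
            "targets": sorted({e[2] for e in events}),
        })
    return sorted(bursts, key=lambda b: b["first"])

if __name__ == "__main__":
    for b in summarize(SAMPLE.splitlines(), min_attempts=2):
        print(f'{b["first"]} - {b["last"]} from {b["ip"]} '
              f'({b["attempts"]} attempts, {b["distinct_users"]} users) -> {b["targets"]}')
```

Many distinct local users aimed at a single target within a few minutes matches the first two bursts in the post; few users repeated over hours matches the third.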

    Certificates updated
    All certificates (except, still, for www.grootersnet.nl) have been updated successfully – twice: on 2-Aug-2018 I got the mails for the sites, and on 3-Aug-2018 again. I didn’t expect the second ones to appear, since the day before the certificates had been renewed already, and should have been moved to their location:
    FULLCHAIN_GENEALOGY_GROOTERSNET_NL.PEM;5
    2-AUG-2018 00:20:15.24
    FULLCHAIN_HOMEDESK_GROOTERSNET_NL.PEM;5
    2-AUG-2018 00:20:32.67
    FULLCHAIN_WEBMAIL_GROOTERSNET_NL.PEM;6
    2-AUG-2018 00:20:55.50

    But these do not exist in the location where they are created – there are the ones created a day later:
    FULLCHAIN_GENEALOGY_GROOTERSNET_NL.PEM;5
    3-AUG-2018 00:20:15.41
    FULLCHAIN_HOMEDESK_GROOTERSNET_NL.PEM;5
    3-AUG-2018 00:20:30.39
    FULLCHAIN_WEBMAIL_GROOTERSNET_NL.PEM;6
    3-AUG-2018 00:20:45.02

    Well, that may be the reason for the second run: if no files reside in there, they will be (re)created. However, these files have not been copied to the final destination …
    Well, it works, so this is not a high priority issue. Just check the WCME_LOAD: script to see if files are copied and, after that, removed. That step is not needed…

    Bringing nodejs to VMS?

    At work, colleagues are creating a web application using nodejs (https://nodejs.org) and I thought it a good idea to have this on VMS as well. After all, what OS is more suited for storing and accessing sensitive data than OpenVMS? However, you’ll need the tooling that is available on other platforms as well. There is a webserver (Apache, WASD (preferred)), PHP, MariaDB … so why not node.js?
    At first glance, there are a “few” challenges, because node.js has dependencies – quite a lot – that need to be ported as well. One of which is Google’s JavaScript engine V8. (Being part of the Chrome browser – why not port Chrome to VMS (just a thought)?)

    I’ll see how this unfolds. No real plans – yet.

    Speaking of which: I mentioned I got new versions of Mosquitto and paho, but I ran into some issues with the libraries: Some functionality seems to be missing – in particular the asynchronous sending and receiving. But I hope to tackle that soon.
