02-Jan-2012

Started with updates
Daphne – a Personal Workstation 500au – has been set up in the cluster and runs VMS 8.4, WASD 10.1, MySQL 5.1.46, PHP 5.3 and WordPress 3.3 – so it’s up-to-date – so far. The latest Pythion disk-images have been copied as well but these were not yet installed.
I copied the WASD-configuration files, since the naming convention of WASD has changed, this doesn’t interfere with the current files, so I can adhere to the preferred setup. It took some time and some tweaking, and some firewall changes, and the principle works. But to be able to do nice things from the outside, I needed to setup SSH which I forgot.
That’s not a big issue, there are other ways to get it done. But at least, the redesign and re-implementation has started….
Bogus users and another source of spam
The amount of new bogus users stopped for a while but on January 1st alone, I got several on the wiki and blog. None can do anything – but I’ve disabled them all.
And PMAS located two messages that appeared to be sent from the grootersnet.nl domain, uisng Communigate PRo:
Received: from DIANA.INTRA.GROOTERSNET.NL (192.168.0.2)
by diana.intra.grootersnet.nl (V5.6-ECO5, OpenVMS V8.3 Alpha);
Mon, 2 Jan 2012 15:06:54 +0000 (UTC)
X-PMAS-MAIL-FROM: 0-oxnard@cofimco.com
Received: from unknown ([121.188.216.243] EXTERNAL) (EHLO kdn.ktguide.com) by
diana.INTRA.GROOTERSNET.NL ([192.168.0.200]) (PreciseMail V3.2); Sun, 01 Jan
2012 17:16:47 +0000
Received: from 121.188.216.243 (account HELO
grootersnet.nl) by grootersnet.nl (CommuniGate Pro SMTP 5.2.3) with ESMTPA id
265743481 for
; Mon, 1 Jan 2012 02:16:44 +0900
From:

and

Received: from DIANA.INTRA.GROOTERSNET.NL (192.168.0.2)
by diana.intra.grootersnet.nl (V5.6-ECO5, OpenVMS V8.3 Alpha);
Mon, 2 Jan 2012 15:05:42 +0000 (UTC)
X-PMAS-MAIL-FROM: 0-cnc@vietfracht-hcm.com
Received: from pp078-nas04-Baku-AZ.connect.az ([91.191.196.78] EXTERNAL) (EHLO
pp078-nas04-Baku-AZ.connect.az) by diana.INTRA.GROOTERSNET.NL
([192.168.0.200]) (PreciseMail V3.2); Fri, 30 Dec 2011 15:47:15 +0000
Received: from 91.191.196.78 (account HELO
grootersnet.nl) by grootersnet.nl (CommuniGate Pro SMTP 5.2.3) with ESMTPA id
433927373 for
; Fri, 30 Dec 2011 19:47:13 +0400
From:

These do not originatie from my domain. I’ve tested Communigate a long time ago (on a now decommissioned machine – guess what: I used a DECServer3000 for testing) so I know yiou can set it up to handle mail for a particular domain – but since mail to my domain is routed elsewehere (to my server…) they won’t get anything; but still the software can be set up to handle messages as if sent from any domain….Bugus, in this case. I’ve got to dig where these misconfigurations exist and notify them – or law enforcement, if needed – to get this misbehaviour blocked.
Yes – these could also be forged….
To show what a REAL grootersnet.nl messages will look like: take a look at this page.