Licenses terminated….
When trying to access the system to see how processing of last month’s data had worked, I could no longer login: “License terminated”. That means that all have terminated. Fun pasrt is though, that it seems that everyting that IS running, keeps running: the web, mail…Only when a a new session is toe be opened, it fails.
But I already got the new ones, to 31-Dec-2011. The only problem was: how to load them. Since I could no longer login, and I probably couldn’t start a new FTP session for the same reason (which, to be honest, I didn’t try), there was no alternative than to stop the machine the hard way by CTRL-P and minimal boot; next I had to enter a new password since the old one was expired as well, and enter the basic licences by hand: OpenVMS -Alpha, OpenVMS-Alpha-User and, in order to get the whole file to the system, UCX. Once that was done and the system was restarted, I could FTP the license-procedure, login on the VMS box and run the procedure. A last reboot made it all work again.
So next, I could do the checkup:
PMAS statistics for March
Total messages : 5503 = 100.0 o/o
DNS Blacklisted : 420 = 7.6 o/o (Files: 31)
Relay attempts : 4108 = 74.6 o/o (Files: 31)
Accepted by PMAS : 975 = 17.7 o/o (Files: 31)
Handled by explicit rule
Rejected : 141 = 14.4 o/o (processed), 2.5 o/o (all)
Accepted : 367 = 37.6 o/o (processed), 6.6 o/o (all)
Handled by content
Discarded : 77 = 7.8 o/o (processed), 1.3 o/o (all)
Quarantained : 360 = 36.9 o/o (processed), 6.5 o/o (all)
Delivered : 30 = 3.0 o/o (processed), .5 o/o (all)
I’m not surprised by the number of relay attempts; most did occur on March 7th, 8th and 10th, resultinmg in files over 100 blocks in size – all over 700 lines – all Chinese (126.com, 21cn.com, sohu.com) – I’ve seen them before. Allways trying to access (non-existing) accounts at internl.net – my provider).
tr_route floods
There have been several signals by the router last montsh, mainly because of tr_rout flooding attempts. These may cause trouble with the router, most notable that the VMS box looses track of the router – so no HTTP or HTTPS traffic is possible. SMTP however is no problem, that does continue.
For this reason, the router is now automaticly rebooted, and since I cionfigured the router that way, I didn’t encounter this issue anymore. But I have the addresses – and it looks an anonymizing site is used.
In itself, I don’t have a problem when people want to surf the internet, but these abusers cause a lockout for well-behaving people. I could of course try to find out who are behind these attacks – and what sites allow them to do so anonymously. But the only way might be to create a list of these addresses and request all ISP’s to block them alltogether…
Fiber is coming
The fiber has been laid down until the house, and next week, I’ll get my connection installed. NEsxt is to get a new, fixed IP-address, connect the LAN to the Fiber and request a change in DNS, so this site will be accesable on a much higher speed. Stay tuned