BitFolk Users August 2013

users@mailman.bitfolk.com

20 participants
9 discussions

by Nigel Rantor

Hello all, Wondering if any of you have experience with this. I have two domains, wiggly.org (A) and alertferret.com (B). A has been registered since 1994. B was registered very recently, within 6 months. I run email for both of these domains on the same server, otter.wiggly.org using Exim. I have the exact same MX and SPF records for both domains; @ 3600 IN MX 10 mail.wiggly.org. @ 3600 IN SPF "v=spf1 mx -all" @ 3600 IN TXT "v=spf1 mx -all" Sending email from domain A to gmail/hotmail appears in the main inbox. Sending email from domain B end up in the spam folder for both. Now, I am wondering why this would be seeing as there has been practically no email from domain B and therefore I find it unlikely that the domain itself has been flagged. All I can see is that domain A is a lot older but I have only recently added SPF and have never really had problems with my emails from domain A being consumed by spam folders. Checking a couple of blacklist checkers I cannot find my domain or my MX on any of them. Does anyone have an idea as to why domain B would be getting caught in spam traps whilst A does not? I have had someone suggest using mandrill or other external hosted solution but quite frankly if the mail is being blocked because it is being sent from domain B then that surely wouldn't give me any improvement? Any help, ideas, thoughts or further resources would be greatly appreciated. Regards, Nigel

10 years, 4 months

Increase of base data transfer allowance to 400GB/mo

by Andy Smith

Hi, From 1st September we are increasing the inclusive data transfer allowance of the base VPS from 300GB per month to 400GB per month. Those of you who were paying for extra data transfer above 300GB per month may wish to check if you want to reduce your commitment. If so you should contact support(a)bitfolk.com before your next renewal. Cheers, Andy -- http://bitfolk.com/ -- No-nonsense VPS hosting _______________________________________________ announce mailing list announce(a)lists.bitfolk.com https://lists.bitfolk.com/mailman/listinfo/announce

10 years, 10 months

rsync between VPS's for backup

by Murray Crane

Just "testing the waters" at this juncture, making sure that our plan isn't going to make Andy angry or anything like that. I have two VPS's with bitfolk; my personal one and one that I am donating to the virtual airline I am currently president of (on separate servers). I'm thinking that for the purposes of backup of the VA VPS, I can rsync the web folder over to a holding area on my personal VPS on a daily basis, and do more traditional "everything" backups (again, rsync) less frequently. Is this feasible/considered an "OK" thing to do (Andy)? Would I be better off raising a support ticket to have the backups done by Bitfolk (assumes you're not already, o'course)? Kind regards Murray Crane

10 years, 11 months

Configuring Exim to make manual routing decision based on MX records of recipient domains

by Andryan

Hi guys, I am new at customizing Exim and I am using an ESP to get my customers' emails to be received in the Inbox of Gmail/Hotmail/Yahoo. At the moment I do this by manually routing the domains (manualroute router of Exim for domains gmail.com, yahoo.com, hotmail.com, ymail.com, etc.) There is a problem with this configuration. If one day one of these free email providers offer new domains or in Google's case people use Google Apps for their domain or Windows Live Domains, there is no way I can list down all the domains for the Exim manualroute router. These emails would then be delivered through the normal remote_delivery and I cannot take advantage of my ESP services. I did my research on this and found out that I need a dnslookup router with mx_domains directive (rather than manualroute) to be able to make decision based on the MX of the recipients' domain. Now I came to a problem where I cannot use mx_domains inside manualroute, nor use route_list inside dnslookup. How do I get around this problem? Is there a clever trick to be able to achieve what I need? I was thinking the solution shall remain to be a manualroute router with additional condition to do a lookup on the recipients' domains MX records. Can a perl script be implemented to achieve this? I tried using ignore_target_hosts in manualroute, but unfortunately that didn't work because the target_hosts would then be my ESP's server rather than the recipient domain's MX. Thanks in advance! References: http://www.volker-wegert.de/en/node/35 https://lists.exim.org/lurker/message/20050813.081640.a0005637.de.html#exim…

10 years, 11 months

Apache Overwhelmed

by Michael Corliss

Hello, My site was running very slowly this morning, and when I looked at top it showed a lot more apache processes than usual. My apache logs show several generic-looking requests per second all day, all from different IPs but the same user agent: 203.177.174.141 - - [25/Aug/2013:06:57:46 +0000] "POST / HTTP/1.1" 200 > 26622 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 117.7.236.73 - - [25/Aug/2013:06:57:46 +0000] "POST / HTTP/1.1" 200 26622 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 216.178.85.218 - - [25/Aug/2013:06:57:46 +0000] "POST / HTTP/1.1" 200 > 29841 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 49.206.63.20 - - [25/Aug/2013:06:57:46 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 59.149.127.101 - - [25/Aug/2013:06:57:47 +0000] "POST / HTTP/1.1" 200 > 29841 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 111.254.38.56 - - [25/Aug/2013:06:57:46 +0000] "POST / HTTP/1.1" 200 26622 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 190.154.108.28 - - [25/Aug/2013:06:57:46 +0000] "POST / HTTP/1.1" 200 > 29841 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 60.240.213.10 - - [25/Aug/2013:06:57:48 +0000] "POST / HTTP/1.1" 200 18876 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 41.74.72.186 - - [25/Aug/2013:06:57:48 +0000] "POST / HTTP/1.1" 200 26622 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 5.166.34.40 - - [25/Aug/2013:06:57:48 +0000] "POST / HTTP/1.1" 200 26622 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 213.57.146.253 - - [25/Aug/2013:06:57:49 +0000] "POST / HTTP/1.1" 200 > 26622 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 188.245.63.129 - - [25/Aug/2013:06:57:49 +0000] "POST / HTTP/1.1" 200 > 29841 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 171.97.140.82 - - [25/Aug/2013:06:57:48 +0000] "POST / HTTP/1.1" 200 13140 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 188.136.214.3 - - [25/Aug/2013:06:57:49 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 74.197.170.177 - - [25/Aug/2013:06:57:49 +0000] "POST / HTTP/1.1" 200 > 29841 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 106.241.51.51 - - [25/Aug/2013:06:57:49 +0000] "POST / HTTP/1.1" 200 21900 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 178.32.159.163 - - [25/Aug/2013:06:57:50 +0000] "POST / HTTP/1.1" 200 > 25746 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 110.55.2.241 - - [25/Aug/2013:06:57:50 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 97.66.102.42 - - [25/Aug/2013:06:57:50 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 2.181.22.211 - - [25/Aug/2013:06:57:51 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 95.58.227.174 - - [25/Aug/2013:06:57:52 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 91.84.209.34 - - [25/Aug/2013:06:57:52 +0000] "POST / HTTP/1.1" 200 25078 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 80.187.102.48 - - [25/Aug/2013:06:57:52 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 80.187.102.48 - - [25/Aug/2013:06:57:52 +0000] "POST / HTTP/1.1" 200 9101 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 80.187.102.48 - - [25/Aug/2013:06:57:53 +0000] "POST / HTTP/1.1" 200 25746 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 162.40.113.3 - - [25/Aug/2013:06:57:53 +0000] "POST / HTTP/1.0" 200 29739 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 74.246.72.161 - - [25/Aug/2013:06:57:53 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 69.31.103.15 - - [25/Aug/2013:06:57:53 +0000] "POST / HTTP/1.1" 200 18824 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 95.56.48.194 - - [25/Aug/2013:06:57:53 +0000] "POST / HTTP/1.1" 200 0 "-" > "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 91.234.62.104 - - [25/Aug/2013:06:57:53 +0000] "POST / HTTP/1.1" 200 26622 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 117.201.49.234 - - [25/Aug/2013:06:57:53 +0000] "POST / HTTP/1.1" 200 > 26622 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 110.93.93.232 - - [25/Aug/2013:06:57:54 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 49.144.94.153 - - [25/Aug/2013:06:57:54 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 49.206.63.20 - - [25/Aug/2013:06:57:54 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 75.5.224.39 - - [25/Aug/2013:06:57:54 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 222.253.203.151 - - [25/Aug/2013:06:57:54 +0000] "POST / HTTP/1.1" 200 0 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 116.71.205.203 - - [25/Aug/2013:06:57:54 +0000] "POST / HTTP/1.1" 200 > 29841 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 76.231.201.4 - - [25/Aug/2013:06:57:54 +0000] "POST / HTTP/1.1" 200 29841 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > 113.185.6.125 - - [25/Aug/2013:06:57:53 +0000] "POST / HTTP/1.1" 200 20250 > "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" > This goes on and on. I've stopped apache and everything seems to be working normally. I've found some suggestions that this UA is associated with malicious bots; is this a DDOS? Who would want to DDOS a piddly discussion forum? Any advice on making it useable again? Thanks, Mike

10 years, 11 months

FrOScon 2013

by Andy Bennett

Hi, Is anyone planning on attending FrOScon in Cologne next weekend (24th / 25th)? I'll be there, offering my presentation to the LISP track. If anyone else is going then I'd be pleased to meet for beers or at the BBQ in the evening. Regards, @ndy -- andyjpb(a)ashurst.eu.org http://www.ashurst.eu.org/ 0x7EBA75FF

10 years, 11 months

Change of postal address

by Andy Smith

Hello, This is probably only of interest to the tiny minority of you who pay by cheque. BitFolk has changed postal address. You can find the new address at: https://bitfolk.com/contact.html and on invoices raised from this point onwards. Cheers, Andy -- http://bitfolk.com/ -- No-nonsense VPS hosting _______________________________________________ announce mailing list announce(a)lists.bitfolk.com https://lists.bitfolk.com/mailman/listinfo/announce

10 years, 11 months

WordPress - the attack continues

by Ian

On one server, Fail2ban has banned over 150 IP addresses so far today for attempting to hack into WordPress sites. (If you run WordPress and you don't have protection against this, you need it!) The volume is such that it managed to crash the MySQL server on one VPS today. One suggestion I have seen is to use Apache's authorisation to limit access to wp-login.php, but that a) involves telling a bunch of real people a password and some of them could forget their own name and b) increases the size of the apache process by about 20% over the slimmed down version with as few modules enabled as possible that I have been running. Anyone have any other suggestions? Ian

10 years, 11 months

[OT] Anyone got a Google Nexus 4 running stock 4.2.2 (rooted)?

by Murray Crane

Totally OT for the list, and I'd be more than happy taking this off list at the first opportunity. Do any of you lovely folk have a Google Nexus 4 running stock Jelly Bean 4.2.2 (rooted)? I changed over to a modified NFC stack (the detect NFC tag removal one) but like a fool I forgot to keep a copy of NfcNci.odex, and I need both the .apk and .odex to OTA to 4.3. It's in /system/app and you'll need Root Explorer (or similar) to copy it out to send it on. Kind regards Murray Crane

10 years, 11 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

BitFolk Users August 2013