FRII Break Room

Informal tech chatter from the geeks of Northern Colorado’s largest commercially available data center

PSA: Heartbleed OpenSSL Vulnerability

heartbleed vulnerability icon

The Heartbleed OpenSSL vulnerability should be taken seriously. FixedOpenSSL has been released. Please see heartbleed.org for more information. (image from heartbleed.org)

Warning: OpenSSL vulnerability.

I’ll skip trying to re-explain everything and just link to: http://heartbleed.com/

The short version is that OpenSSL versions in the last ~2 years are vulnerable to having basically any confidential information stolen. Any exploited servers are vulnerable to having previously sniffed traffic decrypted, even after patching out the vulnerability. It is recommended that you regenerate your SSL private keys and certificates, even after patching, and revoke the previous certificates with your certificate authority.

All in all, very bad. Approximately 1/3 of the Internet is effected. FRII is advising all customers to take this extremely seriously (as we are) and take every precaution. FRII has already patched all potentially vulnerable portions of our infrastructure, and any potentially compromised certificates will be revoked and replaced as soon as possible.

Mail Delivery Time Monitoring

a blue stopwatch represents timing mail delivery

You can use the same code as FRII’s team to monitor the delivery time of your email.

After the launch of our new MagicMail environment last year, in order to be completely on top of any issues that may arise, we’ve steadily added more monitoring for that system. One monitoring check that required a bit of scripting is checking the time it takes for end-to-end delivery on our system.

First of all, to view the code for this system, go here: https://gist.github.com/FRII/9748818

I won’t explain every line of those files, but I’ll be going over the general concepts of each script.

Continue reading

Spam Prevention

What is Spam?

in a list of email folders, the spam folder is highlighted for selection

Spam is an annoyance for most email users.

When FRII talks about spam (in the context of email), we’re referring to emails that are both unsolicited and bulk. For your convenience, here is a more technical definition from Spamhaus.org, a reputable anti-spam protection organization:

An electronic message is “spam” if (A) the recipient’s personal identity and context are irrelevant because the message is equally applicable to many other potential recipients; AND (B) the recipient has not verifiably granted deliberate, explicit, and still-revocable permission for it to be sent.

Legitimate marketing emails, by definition, are not spam, simply due to the fact that legitimate marketers include the unsubscribe feature, which gives recipients a way to change the permission for email to be sent. Illegitimate marketing emails, however, are spam and can be identified by their lack of an unsubscribe link. This is an important distinction when defining the term spam.

How Do Spammers Obtain Your Email Address?

Spammers are generally detestable individuals who will go to any lengths necessary to obtain your email address.

One of the most common ways that spammers obtain your email address is when you use it for online activity; this includes making purchases, registering on websites, and installing shareware or freeware applications. In the fine print of many End User License Agreements (EULA), you may inadvertently authorize the site or application owner to use your email address for marketing purposes or sell it to other “marketers” at their leisure.

Spoofing is yet another way spammers obtain email addresses. Any sender with an introductory understanding of the SMTP protocol can spoof another email address; that is, make it appear to be generating from a different sender. Then, when you see the email you believe is coming from a trusted source, you may be hoaxed into downloading file attachments or clicking links in the email message body. These attachments may contain viruses, trojans, or malware applications that specifically target your personal information including email address. Links within the email may direct you to sites that appear at first glance to be legitimate, but contain webforms for you to enter your email address or password.

Many spammers also associate with other spammers in what the Internet generation has termed Spam Gangs. These spam gangs also include hackers who willingly break into websites and stored databases for the sole purpose of obtaining as many email addresses as possible. They then, in turn, sell lists of email addresses to other spammers. If the email address has been verified as being actively viewed and monitored, they get a premium.

Preventing Spam

DNSBLs and RBLs

Domain Name Service Blackhole Lists (DNSBL), commonly referred to as Real-time Blackhole Lists (RBL), are used to publish real-time addresses of computers and domains linked to spamming and other nefarious Internet activities. Organizations like Spamhaus and Spam Rats publish their RBLs free of charge for use by Internet and email service providers as a convenient and effective way of preventing the propagation of spam throughout their networks and on to their customers. When an email server configured to use an RBL receives a new message, it performs a real-time query of the sending mail server’s Internet Protocol (IP) address to determine if it has been sending out spam. If the address checks out, the email is delivered; if the address is blacklisted, the email is delivered to the end user’s spam folder or bounced altogether.

Spam Filtering Software

Internet and email service providers also use configurable commercial software for performing keyword or character string lookups and other more advanced forms of Bayesian spam filtering to further filter spam from reaching the end user. These software applications rely considerably on user input; both from administrators and from email users.

By marking an email message as spam, users contribute to the overall health of the spam filtering application. If one user receives an email about Viagra and blacklists the word Viagra in their spam filter, that particular user will no longer receive email with Viagra in the subject line. However, if many users filter this character string in their blacklists, the Bayesian score for that keyword increases; if the quantity reaches the administrator-set threshold, then the software will automatically filter the keyword for all of its users.

Even though Internet and email service providers do their best to filter spam, spam will continue to make it through, at least for the foreseeable future. The best thing an end user can do is to continue to mark spam appropriately, so the algorithm can intelligently learn and adjust its parameters to improve its efficacy. Don’t simply delete spam; mark it as such and improve spam filtering for yourself and your peers.

Unsubscribe

Legitimate marketing email will always contain an unsubscribe link, but many spam emails will also contain the unsubscribe feature. However, you should be wary when unsubscribing, as many spammers will include an unsubscribe link simply to verify the email address is actually being used.

Only unsubscribe from trusted domains. The best way to determine if a domain is trusted is to view the header information sent with the email. If the email address domain matches the name of the server that sent it, it’s probably a trusted source. However, if you receive an email from @aexp.com that generated from a mail server in the Ukraine, the source is definitely untrusted.

Using a Public and Private Email Address

Perhaps the most effective thing an email user can do to prevent spam from reaching their mailbox is to use two email addresses: one for public and another for private use. Use your public address for registering on websites, installing software applications, and any other online activities. Your private email address should only be shared with friends, family, colleagues, and other people you trust. Keeping your private email address private will significantly aid in preventing spammers from obtaining it and bombarding your inbox with spam.

Interested in a New Email Address?

Front Range Internet, Inc. (FRII) offers several flexible email solutions for both individual and enterprise-class customers with built-in spam filtering features. If you’re interested in learning about our email and spam filtering products, please give us a call at 800.935.6527 and ask to speak to one of our account representatives.

How to use mailing lists

Types of Mailing Lists

MailingList

Mailing lists are a convenient and adaptable method for email users to manage electronic mail distributions. These lists are typically used, and are subsequently named, for one of two purposes: announcement and discussion lists. Announcement lists are used to distribute email to a group of email addresses for newsletters, periodicals, and marketing materials. Discussion lists are used to provide a forum for individuals to participate in moderated or un-moderated discussions on topics of particular interest to them.

Continue reading

Mailing Lists: EZMLM v. Mailman — Which is better?

lots of envelopes with the "at" symbol, symbolizing mass mailing through e-mail

Bulk mailings should be done using email mailing lists.

If you need to send an email to a lot of people all at once, the best way to do this is through an e-mail mailing list. Most email providers won’t allow you to send too many emails without one (for instance, FRII has a rate limit that doesn’t allow any user to send email to more than 150 recipients in any five-minute period. Here’s a link to current rate limits for some major providers). Continue reading

Bottle.py to Apache mod_wsgi

logos for Python, Bottle, and Apache

Recently I have been building some small Python-based web tools for internal usage here at the office. I decided to use Bottle for handling the request routing, etc. I happen to like microframeworks for small projects such as these. What I’m going to post here today is some of the structure I built around Bottle to integrate it with Apache httpd (mod_wsgi), and allow more easily for multiple code files.

Continue reading

Can we really trust the cloud? – Service Availability

It’s a question I hear discussed a lot (yes, the people I hang out with are so geeky that this is how we pass our time) – Can we trust the cloud? It’s not an unreasonable question, but people have a hard time coming to a consensus. In part, this is because they come at the question from different directions. Some people start talking about service availability. Others start talking about data security. Both aspects are worth looking at. Today we’re going to look at service availability.

Continue reading