HIS News and Status Announcements

Over the past few months we’ve seen an enormous jump in the number of password-guessing attacks on our mail servers.  The attackers are spammers who are trying to get access to legitimate accounts so they can send spam.

We have software in place that identifies and blocks these attacks, but if a password is too easy to guess the attacker can guess it before the ‘this is an attack’ threshold is reached.   When this happens, the victim gets a flood of bounce messages for email they never sent, and when we detect the hijacking we have to lock the account and coordinate with the victim to set a new password, an inconvenience for everybody.

There’s a somewhat geeky but appropriate cartoon that describes a technique for generating passwords that are hard to guess but easy for you to remember at http://xkcd.com/936/.

If your account is on mail.his.com or one of our other Zimbra servers, you can change your password by logging on to webmail and clicking the ‘Preferences’ tab.

Many his.com and hers.com users have received email with a subject similar to:

Re: Fwd: Your Flight Order N977-1214807

… that supposedly came from American Airlines, but the return address (forged) is support@his.com.

If you have received one of these messages, delete it, an definitely do not click on the link provided to “download your ticket.”  The link looks as if it goes to www.aa.com, but if you click on it you are  actually sent to a server in Colorado that will attempt to put malware on  your computer.

We are able to stop nearly all junk like this before it gets to you, but spammers are clever and this one came up with a trick that allowed the messages to slip by 3 separate layers of spam and virus filtering.

mail.his.com developed a problem at about 6:25 EST Tuesday evening.  We are working on it and will post an update here shortly.

Update, 8:45 PM EST:  still working on the problem.   Mail that has arrived since the server went down at 6:25 PM is queueing on backup servers and will be delivered as soon as the server is back up.

Update, 9:20 PM EST:  mail.his.com has been restored and incoming mail queued for delivery is being delivered.

All Zimbra servers have been updated to the latest release, 7.1.3p1.

The mail.his.com upgrade on Sunday was successful, and we’re getting a lot of compliments on the new server, especially the new webmail (https://webmail.his.com).

The most common problem has been the need to turn on SMTP authentication in mail clients (Outlook, Thunderbird, etc.) – when this isn’t set the symptom is that you can receive mail but you can only send to his.com or hers.com addresses.  There’s more information on this at https://support.his.com/kb/kb/browse/001840

FYI, if you have an account on mail.his.com, your email address will work as either username@his.com or username@hers.com – use whichever you prefer.

We switched mail.his.com over to a much faster platform at 11 AM today, Sunday, 11/13/2011.

The transition has been pretty smooth considering that this is a major upgrade.

We have compiled a list of frequently asked questions at https://support.his.com/kb/kb/browse/001840

If you’re having problems, open a support ticket at https://support.his.com – if you’re unable to receive mail, include your name and phone number so we can call you.

mail.his.com experienced a problem today (10/31/2011) that caused some incoming mail to be delayed (incoming mail should be delivered within about 1 second).  We have diagnosed the problem and the backlog of queued incoming messages is being delivered now.  Outgoing mail was not affected.

Power failed at our Maryland hosting location at 7:20 PM today (9/13/2011) and the facility is operating on generator backup.  All operations are normal and service has not been interrupted.

Update:  utility power was restored at 8:27 PM and the facility automatically switched from generator backup to mains power.  No service impact.

All Zimbra email servers have been upgraded to the latest version, with all current patches:  7.1.1_GA_3196

FYI, all Zimbra users have the ability to restore any mail that they have deleted during the previous 30 days, even if they’ve emptied their trash.  Admin assistance is not needed.  Log on to the Zimbra web interface and right-click on the  icon, and select “Recover Deleted items”

NOAA currently predicts that the path of Hurricane Irene will impact our Virginia, DC, Maryland and New Jersey hosting locations Saturday 8/27/2011.

All HIS facilities in these areas are secured and equipped with backup power and redundant backbone connectivity, and we do not anticipate any service impacts at this time.  HIS staff will be on duty 24/7.

Status updates will be posted here on status.his.com.   Click here for NOAA storm path updates. Google path prediction:  crisislanding.appspot.com News updates and radar: NWS Radar

Update: the storm has passed through the DC/MD/VA area.  Our MD and VA facilities have been operating on generator power since 3:15 AM today (8/28).  There has been no service or uptime impact.    8/28/2011 11:55 AM

Update:  power has been restored at the facilities that were running on generator backup as of 11 PM 8/28.  No impact on service.  The storm has also passed our NJ facility, with no impact on service.  8/28/2011 11:05 PM