Corporate Blog

Our new rates

16 February 2025 22:43:33 +0000

We sent the following information to our existing clients on 14 February 2025:

As we advised on 29 November 2024, we have a new retail rate system. These rates are already in effect for new clients, and they go into effect today for existing clients. Invoices issued this month will use the new rates.

Our rates page will be updated next week, but here is a summary of the changes:

Web hosting: Hosting a website will now cost only US$10/C$15 per month, down from up to US$40 per month. (More on exchange rates in a moment, especially for you Canadians.) As we said in November, this will cover websites of all sizes that we currently host. If a company with a website the size and complexity required by the likes of Google or Microsoft shows up, this will not apply, and we will quote on their specific needs. Aliasing additional domains to the same website will be done at no additional charge.

DNS/nameserver hosting: NinerNet will provide DNS hosting for US$20/C$30 per year per domain, which is the same as our current rate. Almost all of our clients have only one domain. If a client has two domains (for example) aliased to the same email and/or web hosting we will offer significant discounts. So if someone has example.com and example.net pointing to the same website and/or the same email accounts, they will not both be US$20 but the second will be discounted.

Email hosting: We will no longer offer “bundles” of email accounts: if you want one email account, you will pay for one email account; if you want a thousand email accounts, you will pay for a thousand. No longer do you have to upgrade to the next package if you want to go from five email accounts to six. Email accounts will be US$4/C$6 each per month and will include 25 GB of disk space — room for about 3.6 million average-sized email messages that don’t contain any attachments like cat videos. 🙂 Of course, some of your emails will contain cat videos, not to mention product catalogues, company videos, etc. That’s OK!; you’re allowed to send and receive those. For managing the amount of space you use on the server we have long recommended an archiving scheme. If you choose not to use an archiving scheme like that, that’s OK, you’re allowed to do that too, and when your email account grows to exceed the 25 GB we include, then we’ll start invoicing you for the additional space you need at the same rate of US$5/C$7.50 per 100 MB per month in 100 MB increments. You can use the mail server control panel to determine how much space each of your email accounts are using.

Other things you should know:

Currency exchange rates: Our rates are based on the US dollar. This is because, as you know, international commerce is largely based on that currency, and American companies have largely cornered the market on providing top-of-the line IT services like data centres. (Largely, not totally.) For currencies like the Canadian dollar the exchange rate has generally remained fairly stable; for the Zambian kwacha this has not been the case, and we revised our kwacha rates quarterly, sometime putting prices up, sometimes taking them down. Zambians are used to this but Canadians are not. However, due to the unpredictable economic landscape between the US and Canada these days (bad timing on our part!), the value of the Canadian dollar in US dollars has taken a dive. This has resulted in our Canadian-dollar rates increasing. Our current exchange rate of 1.5 will not remain that way for years though, as we’ll keep an eye on it and adjust it if necessary, but likely not more than once a year.vWhen we start to accept payment in kwachas again, we’ll likely go back to quarterly revisions, while the US dollar rates on which other currencies’ rates are calculated will remain the same barring any major changes.

Do I need to pay something different even if my hosting is not expiring for a few months?: If you have already paid for hosting and have an expiry date in the future, your rates and your hosting will not change until your next invoice.

Can I continue to be invoiced annually?: This will likely depend on the nature of your account. For many clients you will continue to be invoiced annually if you had previously chosen to be. If you have managed your account in a more fluid fashion, changing the quotas of your email accounts with some regularity and adding and removing accounts more often, then you will likely be invoiced quarterly. This will actually affect very few clients, but it will affect some.

Will the disk quotas of individual accounts be managed and charged for separately?: No, entire domains will be assigned a disk space quota based on the number of email accounts they need. So if a client needs 10 email accounts, their domain will be assigned a quota of 250 GB (10 x 25 GB). If you want to assign a small quota of 10 GB to one account and a quota of 50 GB to another, you can. This would mean one or more accounts could use more disk apace than other accounts and not incur greater charges.

We look forward a new rate system that more fairly charges based on actual usage, and doesn’t railroad clients into accepting bigger packages just because they need one more email account. We emphasise once again that most clients will not see their total invoices change, and some will even see their charges decrease. We remain open to any feedback on the new system. Thank-you.

Tags: accounts receivable, billing, email, invoices, paying your bill, paying your invoice, rates, transparency
Categories: Announcements
No Comments »

Microsoft issue update, and our invoices are very late this month

30 June 2024 23:58:21 +0000

Due to a number of factors this month, our invoices are about as late as they have ever been, for those of you who are being invoiced this month.

As is often the case when things don’t go right, there wasn’t any single factor that caused this; it was the result of a number of factors, not the least of which was the considerable amount of time we spent dealing with the block of our mail server implemented by Microsoft. You know how important working email is to you, and it is not lost on us how important email is to you and therefore our business. So we literally dropped almost everything (including this month’s invoicing!) to deal with and mitigate the problem caused by Microsoft. In fact, on 28 June (Friday) we updated our blog post about this at:

NC036: Significant issue with delivery of email to Microsoft-hosted domains

You’ll find the update at the bottom of the post with Friday’s date on it in bold. The situation now is essentially that we are back to where we were before Microsoft started bouncing mail to domains they host on 20 June; in other words, to use the term used by some of you, the situation is “resolved”, and we’re back to dealing with individual bounces as necessary. Email bounces sometimes; it’s a fact of life. It’s the email system’s feedback loop to ensure that you know what has happened to an email you send if it wasn’t delivered as you expect. No news is generally good news, as that means your message was delivered, and now you’re waiting for the human on the other end to reply.

Also in the last two weeks we’ve had to address situations with two clients that were expecting different outcomes on issues they had brought to our attention; one of them has been dealt with as far as we can at this point, and the other will be dealt with right after our invoices go out shortly. We apologise to both clients who had to deal with the fact that we couldn’t give them as much attention as quickly as we usually do when clients need us. As of a couple of hours from now, everything will be back to normal, and we thank those clients and all of you expecting invoices on 15 June for your patience.

The date on our invoices will be 28 June (the most recent business day this month), and the suggested pay-by date is 19 July. However, if you are being invoiced this month please pay close attention to the expiry dates of your services and/or domains, as if they are before 19 July you do either need to pay your invoice before the earliest expiry date noted on your invoice, or contact us to make arrangements to ensure that we are aware that you will pay your invoice so that we renew your domains or services so that they stay online. Those of you who are again scheduled to be invoiced on 15 July will see your June balance carried forward, if you haven’t paid your June invoice yet, but since we don’t charge interest on unpaid balances this will not negatively affect anyone.

We apologise for making you do so much reading lately, and I can assure you that we work very hard to ensure that our systems run as close to 100%, 100% of the time as possible. We’ll never reach 100%, 100% of the time — nobody does, even Microsoft and Gmail — but the closer we can come to that goal, the easier your life is and the easier our life is.

Thank-you, as always, for your patience during troubling times. If you have any questions or feedback, please do contact NinerNet support.

Tags: accounts receivable, billing, email, invoices, paying your bill, paying your invoice, support, transparency
Categories: Announcements
Comments Off

Adventures in blocking spam

7 May 2024 06:42:30 +0000

As we’ve said outright and intimated over the years, the battle against spam is never-ending.

One thing we have noticed in the last year or so is that a huge amount of spam comes from certain TLDs (top-level domains), but blocking entire TLDs is a bit radical. We have generally avoided doing so, but the time has come to block the following two alternative TLDs:

sa.com, and
za.com

These are simply two regular domains, but they are owned by CentralNIC (now “Team Internet” because they can’t make up their minds about how they want to be known) who market them as TLDs — just as NinerNet markets the zam.co domain as an alternative TLD (actually, SLD, second-level domain) for Zambia. Therefore, you can buy the sub-domain your-name.sa.com and your-name.za.com. CentralNIC doesn’t seem to make even a cursory attempt to stop spammers from using their domains to spam, so we now block all messages sent from all addresses on those two “pseudo” TLDs — e.g., spammer1@spammer1.sa.com and spammer2@spammer2.za.com. We’re considering blocking the .top TLD as well, for the same reason, but we haven’t yet. You can certainly block entire TLDs from reaching your email addresses as well, if you feel this rather extreme move will benefit your domain.

If you happen to correspond with a legitimate correspondent on one of those alternative TLDs, please contact NinerNet support and we will work with you to address the problem you will now have communicating with them.

Thanks for your attention to this matter.

Tags: domains, email, scams, spam
Categories: Notices
Comments Off

Email DNS settings

28 February 2024 06:27:08 +0000

A little earlier this month several of our clients with websites contacted us as a result of being sent an email message by their website designer/manager with the subject, “Updating sending DNS for newsletters”. This is as a result of the fact that Yahoo and Gmail recently decided to start enforcing email rules that the rest of us have been following for many years, but since those two providers have a huge share of the market, when they sneeze the rest of us catch a cold.

The fact is that all domains we host are already configured to follow all the rules to ensure that your messages are securely received by destination mail servers, so you and we are already in compliance with the rules that Gmail and Yahoo have just finally woken up to.

The only difference of which some of our clients need to be aware comes up when they’re using a mass-email provider to send out mass emails. As we have long advised, even though that particular post is from only last year, we strongly suggest that mass emails be sent using a service provider that specialises in that service; NinerNet does not. Yes, we have an option in our mail server’s control panel to create mailing lists, but doing so is inadvisable unless you’re just creating a very small list of your own employees, or maybe a few of your customers … with “few” in this case being defined as only a few dozen, definitely fewer than 100. If you have more than one hundred, which we certainly hope you do, then please use a company like Mailchimp. (They’re just one example; we don’t have any sort of deal with them.) Getting many emails out to many recipients successfully is not for the faint of heart; it’s a time-consuming process involving staying on top of all of the rules to avoid spam filters that enforce those rules and deem messages as spam if they are not following all the rules. And it’s especially time-consuming to prevent spam from being sent out using those services!

To follow the instructions that your mass-email provider provides you will need to log into and check the DNS settings for your domain in the nameserver control panel, and either add the records they suggest or modify the ones that already exist. For example, your domain already has an SPF record, so you will need to modify the existing record while keeping the information that the existing record already contains. If the instructions you’re following don’t make it clear how to do that, please contact NinerNet support and we will assist you.

Thanks.

Tags: dmarc, dns, domain-based message authentication reporting and conformance, email, mass email, sender policy framework, spf
Categories: Notices
Comments Off

Help! My email account is running out of space!

19 February 2024 05:39:00 +0000

Occasionally, and even more often lately, we’re asked — usually indirectly, because the “question” is more the statement that is the title of this blog post — about disk-space management when it comes to the limited email quotas that exist in every email account in the world, despite claims of “unlimited” this and “unlimited” that made by shyster hosting companies the world over.

Contrary to popular belief, you are not obligated to delete messages; you only have to move them off of the server. You can very easily do this in any full-featured email program by creating folders that are on your hard drive, as opposed to the server. Then you can archive messages by dragging them to your “local” folders, which moves the messages off of the server onto your local hard drive.

We really should create some detailed instructions on our website for this, as we’re finding this come up more often. For now though we’ll point you to this link:

Add Local Folder to Outlook to Free Mailbox Storage space

Here it shows you how to create local folders, which it also calls “personal” folders for some reason, perhaps because of Microsoft’s terminology. This will mean that you will continue to have these messages (they’re not deleted), but they just won’t be available in the webmail or whenever you’re accessing your email that is stored on the server itself, such as possibly on your phone.

It refers to this page on the Microsoft website:

Create and Use Personal Folders

The video there seems to be a good summary of what you need to do. There’s a warning at the top of the page that states, “Support for Office 2013 has ended”, but the same principle applies even if the actual technique of creating local/personal folders has changed more recently in Outlook, or if you’re (very smartly) using a different email program. It has been years since I did this in Outlook myself for a client, but it works very well.

I do the same about monthly on my own computer. Once a month I archive all emails from two months previously into “local” folders on my own hard drive, thereby freeing up space on the server. The local folders are organised by year and month, so they look like this:

2023
- January
- February
- March
- etc.
2024
- January (to be created in March)
- February (to be created in April)
- March (to be created in May)
- etc.

Then, next month (March, since this is being posted in February), I will just drag all of the emails I received in January into the local “January” sub-folder under the 2024 folder. I also create a folder hierarchy for my sent messages, organised in the same way by year and month. This way I always have this month’s and last month’s emails on the server (and available on my phone or in the webmail), and anything before that on my own hard drive. However, you can archive messages by any scheme you desire, not just by date. And, of course, if there are special messages that you want available on the server at any time, just move or copy them into folders you create on the server.

We’re all used to being aware of the fact that our hard drives are finite, even though they grow exponentially every time we buy a new machine, so we don’t save every awesome cat video we see and install software as if there’s a race to install all the software we can before we die. It’s the same with our email accounts, although on a much smaller scale.

Yes, it’s great that we can use IMAP on multiple machines or devices to have access to all past messages wherever we are at any given moment. But do we really need access to that message from 18 October 1987? Sure, there may be the occasional need to have access to a really old message — especially in industries where that is regulated by law — but not necessarily at our fingertips 24/7.

We hope that helps you understand how email works. And this applies to all email accounts with all providers, even Gmail. Daily (including at this very moment as I write this) we see outgoing messages queued on our mail server for Gmail accounts that are full. Usually they bounce after a few days unless the Gmail account owner clears up some space, usually using the technique above.

If you have any questions at all about this, and you are a NinerNet client (or want to be), please feel free to contact NinerNet support. Thank-you.

Tags: email, quota, webmail
Categories: Notices
Comments Off

Why do I get so much spam?

14 February 2024 12:55:34 +0000

NinerNet hosts email. The one thing that this guarantees us is to receive complaints about spam. Unfortunately, we’re not a monolith like Google, so we need to reply to these. Try sending an email to support@gmail.com and see what you get. Silence.

So the point of this post is to try and help people understand why they get spam at all. This has nothing to do with your email hosting provider. Well, I can certainly guarantee that NinerNet is not selling your email address(es) to the spammers, otherwise we’d be rich! But we don’t need to sell your email address. If you create the email address your-common-first-name@your-domain-that-is-publicly-known.tld, bingo, the spammers have your email address. What about that support address above? That’s what’s called an RFC 2142 address. RFC 2142 (“Mailbox Names for Common Services, Roles and Functions”) outlines a list of email addresses that are supposed to exist on every domain, and one of them is support@. They are:

abuse@
ftp@
hostmaster@
info@
list@
list-request@
marketing@
news@
noc@
postmaster@
sales@
security@
support@
usenet@
uucp@
webmaster@
www@

You probably have one or more of those addresses on your domain. Congratulations! You’ve just painted a target on your back, or maybe seventeen of them to be precise.

Other ways spammers get your email address:

Websites: Don’t post your email address on the Web! Even on your own website. There are crawlers/spiders automatically collecting those addresses every minute of every day. If you post your email address on your own website, it will receive spam within days, maybe even hours!
Unscrupulous suppliers: This has always been a bugbear. Of course, if your supplier happens to have millions of customers, it would be tempting for them to sell your email addresses. Some disguise this as “sharing your information with trusted partner organisations”. Of course, their definition of “sharing” has a dollar figure attached to it, dollars they will never “share” with you.
Crackers: Ever had a virus on your computer? Your email address and the email addresses of all of your correspondents are probably not the only thing you’ve handed over.
Friends: You know that idiot friend or relative of yours that sends out joke emails with hundreds of email address in the “to” and “cc” fields? Yup, thanks Aunty Betty / Uncle Bobby.
Forwarding: This is one the things that has driven me crazy since the 20th century! It’s bad enough that your friend/relative has sent you the world’s funniest email joke in the history of humanity, but they copied it to a thousand of their closest friends and relatives by putting their email addresses — including yours! — in the “to” and/or “cc” fields so that everyone can see them! And then, to show how ignorant some of their friends and relatives are, some of them forwarded the same email with all of those addresses still exposed in the body of the message. Those email addresses are all then exposed to whatever malware comes along on any of the hundred or thousands of computers on which those emails are stored. But it’s not just ignorant friends and relatives that do this; I’ve seen supposedly professional IT people do this in professional, business emails!
Hacked databases: Related to the “unscrupulous suppliers” point above is the fact that the databases of said suppliers are hacked all the time.
WHOIS: If you’ve registered a domain, the domain registry likely has your email address in a publicly-accessible database called the WHOIS (“‘Who is’ the owner of this domain?”). Thankfully, when the GDPR was implemented in the European Union in 2018, the biggest registries in the world — the ones that run the gTLDs (generic top-level domains) — were forced to take their heads out of their nether regions and stop publishing that information. But sadly, some ccTLD registries still have their heads planted firmly where they’ve always been (can anyone say dot-zm?) and they still make this information freely available to spammers scraping the WHOIS, despite their feeble disclaimers.
Viruses and other malware: If one of your contacts’ machines or devices are compromised by a virus, one of the purposes of that virus is probably to spam you, or send copies of the virus to you.
Subscriptions: If someone is trying to get your email address for their newsletter, maybe they also want it to sell it.
E-cards: Awww, it’s so lovely to send your valentine (or wannabe valentine) a valentine “e-card” … or Christmas card, or birthday card, or …. You probably didn’t ask for their consent first though, so you’ve essentially just screwed (and not in the way you or your valentine want to on Valentine’s Day!) your valentine’s email address for the rest of his/her life, or the life of that email address.
Signing up for stuff: Whether it’s a free report or white paper or signing up for a class at a local community centre, you lose control of your email address the moment you give it out to anyone. Some websites exist simply for the purpose of collecting email addresses in this way, a cute, shiny bauble for your email address. Are you really going to read their hundreds of pages of terms and conditions to realise how your email address (and you) are going to be abused? Didn’t think so.
Phishing: Phishing emails essentially just try to trick you into doing something you normally wouldn’t do. Of course, they already have your email address from any of the methods listed here, but they want more than just your email address, and perhaps what they want are the email addresses of all of your contacts. Often they can get these if somehow you give them to them (LinkedIn) or they can get if you give them the password to your email account where you might have them saved.
Plug-ins and apps: Be very careful of plug-ins and apps that may be copying all of your contacts and sending them to whoever is controlling the app or plug-in. Be especially careful of apps and various social media websites (such as LinkedIn) that helpfully offer to send invitations to your contacts! We mention LinkedIn in this regard especially, for these three reasons:
- Use of e-mail accounts of members for spam sending,
- Perkins lawsuit (related to the above), and
- Moving emails to LinkedIn servers.
Brute force: Besides the technique mentioned where spammers send to a list of common names on all domains, they can simply send to a@example.com, b@example.com and so on, and then start again at aa@example.com, ab@example.com and so on. The terms “brute force” and “dictionary attack” apply here.
Buying it: The other side of any of the above transactions happens when anyone who has obtained your address by one of the methods above sells it to willing buyers. You yourself have probably been spammed by people offering to sell you lists of email addresses, all of which would have been acquired by one or more of the techniques above.

If even one of the above applies to you, you have signed the warrant to have your email address spammed, but chances are that you have committed several of the above, compounding the problem. Again, it’s not your email provider’s fault that you get so much spam.

How can I receive less spam?

Two VERY effective ways to avoid spam are to use “supplier addresses” and rotating temporary email addresses. Let me explain both:

Supplier addresses: For many years I’ve operated a system of what I call “supplier addresses”. If I’m dealing with Twitter, for example — not that I use their name because they were mentioned in recent news about a data leak — I create the email address “twitter@mydomain.com”, and I only give that address to Twitter, nobody else. (Actually, don’t create a new email address, just create a free alias for the email address that will receive email from that supplier.) Yes, I have the email address my-common-first-name@mydomain.com, but the only people who get that email address are my family, friends and existing clients. Nobody else on the planet gets that address, and I certainly don’t enter it into a form field on a web page and I don’t post it on the Web! So if Twitter (in this example) sells my email address or is hacked, I know exactly who let my email address into the wild. To be frank, that hasn’t happened to me many times, but I quickly realised that it does happen, so the email aliases I create now all include a number (e.g., twitter123@mydomain.com). If the email address is compromised I just change the number and inform Twitter by changing it in my account with them and kill the old alias. My numbering follows a system, but you can make your own rules.
Rotating temporary email addresses: I link above to the service that NinerNet provides, but at this point it’s a very limited, non-automated service with very few customers. However, it’s not rocket science and you can do it yourself on your own domain. For example, if your primary address is bob@yourdomain.com, create a free alias for this month called “bob2402@yourdomain.com” on that address. I also create one for last month and one for next month, to ensure continuity when the month changes over. (The numbers in this example are obviously two digits for each of the year and the month.) Now you can give out the temporary alias to whoever you want with no concern at all about being spammed. Want to download that “free” white paper? Give them your temporary alias secure in the knowledge that when (not if) they start spamming you it will probably be after that email ceases to exist. Then at the beginning of next month, just delete one alias and create the next. In February I will have an alias for last month (2401), this month (2402), and next month (2403). On 1 March I will delete the January alias and create the April (2404) alias. If you have a contact form on your website for new customers to contact you, reply from this month’s temporary alias until they become a new client. At that point you obviously have to throw caution to the wind and start using your “real” email address, but you’ve already done a lot to hugely reduce the amount of spam you will receive from not following any precautions at all.

With a little imagination — but feel free to contact NinerNet if you need help — you can apply the above principles to all of the email addresses in your company, whether it’s just you or you have a thousand employees. They will drastically reduce the amount of spam you and your employees receive, before your email service provider’s anti-spam system even kicks in.

They key point here is that you need to practise “email hygiene”. How is your email hygiene?

Tags: email, phishing, rotating temporary email, scams, spam
Categories: Notices
Comments Off

Email restrictions reminder, Phishing

13 December 2022 05:00:02 +0000

As Christmas rapidly approaches, we’d like to remind you of two limitations to keep in mind with respect to sending email, and to implore you once again to take phishing scams seriously.

Sending limits

Within the last year or two we have had to implement a limit of sending to 300 email recipients per day per email account. This is a limit that hardly anyone runs up against, but it does happen. The reason for this is quite simple: email accounts are hacked when a computer or phone is compromised, and the person or organisation who has compromised the account then uses the account to send spam or phishing messages. If there was no limit on how many messages can be sent in a day they’d send millions! If this happens, our IP addresses are blacklisted and then none of our clients can send any emails outside of our network.

With this limit in place messages to only 300 recipients can be sent, and by the time the 24 hours are up a compromise will have been noticed, and the password for the email account can be reset. (We often notice these spam runs when they are in progress, and they are shut down before more than a few dozen are sent.) Experience has shown that if 300 such messages are sent, that seems to be just below the point at which damage to our IP addresses’ reputation is done. We experimented with a limit of 400, but damage was still done.

If you’re going to send messages to a few hundred or thousand of your customers we suggest the following:

If you regularly want to send that many emails we strongly recommend that you use a company such as Mailchimp.
If you have a one-time need to send a lot of emails, break your list up into groups of 300 (or just under 300) and send that many a day.

Please note that however you chose to send mass emails you must have documented proof that you’ve received permission from the recipients to send them non-personal emails like this. If you don’t have that permission, then don’t send them those emails. It’s quite simple. If you don’t have permission you cannot defend yourself against accusations of spamming, and you risk your account being suspended and removed.

Also note that the limit is the number of recipients. If you send an email to Bob, copy it to Jane and blind copy it to Jim, that’s 3 of your 300 recipients (not “1 message”). If you send another email to the same people, that’s now 6. If you send one email blind-copied to 300 recipients, you’re done for the day and you can go home. 🙂

Sending restrictions

We often see clients trying to send emails with restricted attachments. Our mail server stops emails with executable attachments (.exe files, for example, but there are more and it’s not the file name extension that determines if a file is executable) and documents that contain macros, or scripts that can be executed when the document is opened. These cannot be sent by email because they could contain malicious code. If you want to send these files to someone else we suggest that you either use what’s called the “sneakernet” — put the file on a flash drive and walk it over (perhaps wearing “sneakers”) to the person you want to give the file to — put the flash drive in the postal mail, or upload the file to a website or file upload service from where someone can download it.

Many office-type documents — spreadsheets, word processing documents, slide shows, etc. — contain macros (scripts), which you may or may not be aware of, and if you’re trying to send them they will not reach the intended recipient. Sometimes when you create a PDF file from an office document the scripts are embedded in the PDF, and those will be blocked for the same reason.

All email services — even the biggest ones — have these restrictions so that the email service as a whole can still be useful to the people that use it. If we don’t stop these kinds of emails from going out, the recipients’ mail servers will stop them from coming in.

Phishing

We desperately want to remind you yet again — we know, it sounds like a recording — about email scams, and in particular “phishing” scams. These scams happen. They happen to you. They happen to our clients. 2022 was a record year for our clients, and not a record to be proud of. Just among the clients we know of, over US$100 000 was lost as a result of phishing scams. This is shocking; this is heartbreaking. It doesn’t need to happen.

Treat every email you receive — even this one! — with suspicion. Rather than looking for signs that an email might be a scam, just assume it is! Then look for the signs that it isn’t a scam. Instead of memorising an interminable list of things to look for that show an email is a scam, instead simply ask the message to prove to you that it really is from the person who claims to have sent it, and that the request it contains is legitimate. Did NinerNet really just send you the email you received that is asking you to verify your email password, or upgrade to some service that we don’t even offer? No, we didn’t send that email. We just don’t send emails like that, and neither does any other mail provider … or bank, or life insurance company, or …. Almost nobody sends a legitimate email claiming that you have to pay an invoice in a different way to how you’ve been paying that company for years! Yes, your suppliers do change banks occasionally, but if they do they will give you plenty of notice, not send you a frightening message out of the blue demanding that you send them money to a different destination or have your service cancelled. It just doesn’t happen like that in the real business world. THINK! BE SUSPICIOUS!

You should learn more about email scams and phishing. Read these links:

NinerNet blog on Scams
NinerNet blog on Spam
Wikipedia on Phishing
Man-in-the-middle attack
- This attack was used to steal about US$50 000 from one of our clients and their clients.

If you have any questions about any of the above, please do let us know. Thank-you.

We will have one more email for you before the end of the year, with information we’re excited about because we hope it will improve our email infrastructure in 2023. We hope you’ll like it too.

Tags: email, email sending limits, email sending restrictions, phishing, scams, spam
Categories: Notices
Comments Off

Shaw continues to have problems receiving email

17 August 2022 11:36:57 +0000

We’ve posted countless times now about this, and really, this is likely to be the last time. Shaw’s email filtering sub-contractor continues to block legitimate email from NinerNet servers. This legitimate email includes messages from banks, universities and the like. We’re not talking about spam here, but legitimate financial and business email.

As we’ve said before, we strongly advise that you do not use automatic forwarding of all messages. There are actually very few, limited circumstances under which this is necessary. If you’re not clear on why, please contact us to ask and we’ll be happy to discuss this with you. There may be something related to email you’re not fully understanding.

In other Shaw-related news, NinerNet was not affected by the Rogers outage last month. This is Shaw-related because Rogers will very likely be taking over Shaw, which means that future Rogers outages will be spread, like a virus, to the Shaw system too. Thankfully, none of NinerNet’s systems rely on Shaw or Rogers at all. This is a design choice that we made long ago.

Tags: deliverability, email, reputation, rogers, shaw
Categories: Notices
Comments Off

Significant recent spam activity

16 March 2022 02:30:11 +0000

In the last 48 hours we have seen a significant increase in the number of email accounts that have been compromised due to the virus infection of a large number of our clients’ machines and/or devices. In one case that we know of, one of our resellers stated that they “have a company wide nightmare [of] machines spamming each other and everyone they have ever talked to via email.” This is not good. They have been working with their client to get a handle on this, and as of Tuesday their time this issue seems to be under control for them.

However, since then we have had multiple other email accounts compromised on multiple domains. Please note that email accounts are “compromised” when the machine or device on which the account is configured is infected with a virus. This is not under the control of NinerNet, but you and your employees and colleagues. Please ensure that you have updated anti-virus programs or apps installed, and please do not open attachments from unknown senders. Even attachments from known senders must be treated with extreme care, because viruses tend to come from other infected machines, and they could be the machines or devices of people you know.

Some reminders for all clients:

Please ensure you have anti-virus software (or an app) installed on all machines (computers) and devices (phones/tablets),
Please only open attachments after they have been scanned for viruses,
Please be extra careful of attachments sent from unknown senders, and
NinerNet’s mail server scans incoming and outgoing messages for viruses, but if the vendor of the software isn’t aware of the existence of the virus it may get through. If you also have anti-virus software installed, then that additional scan could make the difference between a normal day and an expensive day you’d rather forget.

At this point it looks like we nipped these outbreaks in the bud, so our mail servers are not in any additional blacklists. However, please do contact NinerNet support if you have any issues with outgoing email, or if you have any questions.

Thank-you.

Tags: email, reputation, security, spam
Categories: Notices, Warnings
Comments Off

A couple of issues today

27 January 2021 10:28:08 +0000

We, as well as some clients today, have received phishing emails advising the recipients to follow a link to deal with emails that have been quarantined or “suspended” on the mail server. These emails are scams, and do not come from addresses on the niner.net domain. Do not click on the links, and delete the emails.

Secondly, we are aware that the primary mail server’s IP address is in at least one new blacklist as a result of our data centre being blacklisted. If email you send is bounced for this reason, please advise us and we will re-route email to that domain via one of our relay servers.

Please contact NinerNet support if you have any questions or need to report something. Thank-you.

Tags: email, scams, spam
Categories: Notices
Comments Off