Corporate Blog

Using the mail server control panel to manage your email

28 July 2025 02:21:47 +0000

Back when NinerNet started in this business in 1996, we had to do everything for our clients, and I do mean everything. I’m not going to list “everything” because you’ll stop reading, but one example is creating an email account. This was because control panels hadn’t been invented yet.

Now we have control panels, but because it seems that email “just works”, people don’t take the time to look at their control panels to determine why things “just work”. Let’s leave aside the mail service providers that “just don’t work”, as illustrated in our last post.

One thing that isn’t quite 100% automated yet, because humans are still needed, is reading the minds of email senders. Incoming spam is pretty close to 100% automated thanks to programs like SpamAssassin and blacklists. Handling incoming email is close to 100% automated because the onus is on the senders to do something to ensure that their messages are not seen as spam. It’s not a big secret that, for example, this subject indicates that the message it contains is probably spam: “GET RISH QUICK!!! MILIONS WHILE YOU SLEEP!!!!!” So guess what? You don’t receive messages with that subject because they’re caught and deleted by spam filters. (Yes, those spelling mistakes are intentional.) If you use a bulk mail service provider to send mass emails to your clients, as you should if you do send them, they try to educate you on what markers will trigger spam filters, and they also usually provide some sort of testing platform that will analyse your message to determine whether or not it might be caught by a spam filter.

But two things blow me away:

When clients send emails to themselves, and
When those emails are marked as spam so they never arrive.

Now, it does occur to me that maybe their using our system to test their email to see if it will be considered spam. But really, the examples we’ve seen are definitely not that! Most of the time they’re sending themselves a file that is attached. Why?! They obviously already have the file, so why are they sending it to themselves?!

The problem is that we don’t know if the client knows why they didn’t receive the message they sent themselves. Have they assumed that NinerNet “lost” it? I sure hope not, because we know exactly where it is and why it wasn’t delivered. And if the client logs into their control panel and looks at their “quarantined” messages, they’ll know as well!

Here’s an example of a message that a client has been sending themselves continually for about a week now:

Self-spam.

Here’s the plain-text view:

Content type: Spam
Internal reference code for the message is 01478-17/tLRgpsMsQL9j

First upstream SMTP client IP address: [160.242.61.xxx]:37436

Received trace: ESMTPSA://[160.242.61.xxx]:37436

Return-Path: <xxxx@xxxxxxhydraulics.com>
From: wade <xxxx@xxxxxxhydraulics.com>
The message has been quarantined as: tLRgpsMsQL9j

The message WAS NOT relayed to:
<xxxx@xxxxxxhydraulics.com>:
250 2.7.0 ok, discarded, id=01478-17 - spam

Spam scanner report:
Spam detection software, running on the system "nc036.ninernet.net",
has identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.

Content preview: [...]

Content analysis details: (4.3 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
-1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000]
0.1 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME
0.0 HTML_MESSAGE BODY: HTML included in message
1.7 HTML_IMAGE_ONLY_08 BODY: HTML: images with 400-800 bytes of words
0.8 MPART_ALT_DIFF BODY: HTML and text parts are different
0.5 MISSING_MID Missing Message-Id: header
1.8 MISSING_SUBJECT Missing Subject: header
2.3 EMPTY_MESSAGE Message appears to have no textual parts
0.0 TO_NO_BRKTS_HTML_IMG To: lacks brackets and HTML and one image

Let’s analyse each of these points on which the email message was scored for spam. Let me say first of all that negative scores are good, so we won’t waste our time with those. I’m also going to focus on only the scores above 1:

1.7 HTML_IMAGE_ONLY_08 BODY: HTML: images with 400-800 bytes of words
* If your message is just an image it probably won’t get through. You need to add text so that the spam filter believes you’re explaining/describing the image.

1.8 MISSING_SUBJECT Missing Subject: header
* Use a freaking subject! If you’re really just sending a message to yourself, mash some keys in the subject line! It doesn’t matter what they are.

2.3 EMPTY_MESSAGE Message appears to have no textual parts
* Again, if only you yourself are going to see the message, mash some random keys in the body of your message.

Messages with a spam score over 3.5 are considered spam, and this message consistently receives the above score of 4.3. If this person would just do one of the things above — mash some keys in either the subject or body (or both!) — he/she would get his or her message. And yet, I get a copy of this spam report every time he/she tries. It’s frustrating, for me and (I assume) for the sender that never receives a copy of their message!

Of course, in line with the subject of this post, the sender can also log into the control panel, navigate to their quarantine, mark the message they sent to themself and “release” it.

Tags: email, spam
Categories: Interest
Comments Off

Continual problems with South African ISPs and mail service providers (Afrihost and Xneelo)

27 July 2025 23:36:22 +0000

I’ve just spent about seven hours writing a long, detailed and evidence-based reply to a client who just receives nothing but BS, delay tactics and obfuscation from a South African mail service provider named Afrihost. (Please see here for the details of the never-ending Xneelo debacle, which is similar.) I am posting this here so that I can at least get some mileage out of this waste of seven hours of my life, on a Sunday.

Names and addresses have been changed or redacted to protect the guilty.

Hi Bob,

Thanks for your email. You only sent one side of a supposed email
exchange with Afrihost; there was no "back-and-forth" so I see no
evidence, namely domains (besides your own domains, which are only one
side of the equation, and hotmail.com), IP addresses, dates, times and
(most importantly) bounce messages. In particular I see no evidence --
no *proof* -- on Afrihost's side that what they are saying is true.
Anybody can say and claim anything they want, but it's pointless if
they don't back it up with evidence.

Unlike in politics, everything I have said in the past about email and
everything I will say in the future (including below) is technical and
backed up by hard evidence. Lying to paying clients is a complete waste
of time and will not end well, but it seems that the support
departments of bigger companies like Afrihost are schooled in BS and
delay tactics, rather than providing actual support or admitting fault
and actually fixing their broken systems.

This email is long (I won't apologise) because email is complicated and
this message is based on the work that Afrihost won't do to address
your one puny complaint because they have a lots of other complaining
customers to BS with their lies. The hours (about six so far today just
to answer your email full of Afrihost lies) of work *I* have to do to
give you a full and honest answer and explanation is something that
doesn't increase their share price, so they won't do it. But my efforts
seem to be worthless because everyone seems to believe BS these days
rather than concrete proof.

Here is my actual evidence / hard proof:

* https://multirbl.valli.org/lookup/ucebox.co.za.html
* This is a domain-based list of mail servers that are in blacklists,
and this is a search based on ucebox.co.za, which shows their domain in
one blacklist.

* https://multirbl.valli.org/lookup/smtp.ucebox.co.za.html
* This is the same as above, but with the alleged name of their sending
(SMTP) server (definitions below) provided in the Afrihost message
below, and the results show that their SMTP server is in the same
blacklist.

* https://multirbl.valli.org/lookup/197.242.159.57.html
* The sub-domain smtp.ucebox.co.za resolves to twelve different IP
addresses. This is a search for one of those IP addresses, and that IP
address is in five blacklists!

* https://multirbl.valli.org/lookup/41.76.215.28.html
* Like the search above, this is a search for another of their twelve
IP addresses -- both this one and the one above are random choices because
I'm not repeating the search twelve times when the results for *two* of
them are bad enough. This IP address is in six blacklists!

A quick glance shows that the blacklists all seem to be the same (which
is not surprising), so they are not in a total of 13 blacklists, just
the greatest number of 6. In comparison, NinerNet's mail server is in
three:

https://multirbl.valli.org/lookup/178.62.195.26.html

The point is not to compare numbers and say that our number is smaller
and so we're better; the point is to say that we're aware of the
problem, and the information we have provided on our blogs (
https://blog.niner.net/tag/email and https://status.niner.net/tag/mail
) goes towards explaining certain things.

In there we explain our presence in two of the blacklists (Ascams and
UCEPROTECT), which cover every single one of the IP addresses owned by
our data centre; it is *not* because our mail server has done anything
to be in that blacklist. The only full remedy to that problem is for us
to move our mail server to another data centre with another company,
which is not something that we can do on a whim and without
considerable forethought and planning, but which we *will* be doing on
the next move. What we do to overcome this problem is to redirect all
email to certain domains through our secondary SMTP server; problem
solved. It's impossible for us to know in advance what those
destination domains are, but as soon as one is reported by one of our
clients we direct all future messages to that domain through our
secondary SMTP server. Problem *immediately* and *fully* solved. (By
the way, hotmail.com is one of those domains, which is why you'll
receive this via our secondary outbound/SMTP mail server.)

The third blacklist (Polspam) is a Polish blacklist. It's a bit more
complicated to determine why we're on that list, but my *educated* (I
emphasise) guess is that we're on it for the exact same reason we're on
the other two blacklists, because all of our data centre's IP addresses
are blacklisted.

Have you asked Afrihost why they are on at least six blacklists and
what they're doing about it? I believe the answer to that question is
"no", and even if you asked you will *not* get an answer, or you will
be told in relatively polite terms that you don't know anything about
email and that they are perfect and NinerNet is the problem ... the
aforementioned BS. This is similar to the issue with another South
African ISP, which we have documented exhaustively at:

status.niner.net/2024/01/19/email-messages-from-xneelo-formerly-hetzner-south-africa-senders-blocked

We don't get into these arguments with non-South African ISPs and mail
service providers, so I'm forced to come to the conclusion that South
African's don't give a damn.

Definitions:

* Blacklist (also "blocklist" for those that want to be politically
correct): A list of servers -- usually based on their IP addresses, not
domains -- that have sent spam or malware in the recent past. The full
definition is broader than that (as I've partially explained above) but
if you want a longer explanation than this already long email I suggest
you use an Internet search engine I refer to below. Blacklists exist to
remove servers from the email system that have shown problematic
behaviour in the *recent* past so that legitimate receiving mail
servers -- such as NinerNet's -- don't have to process "junk" email,
and legitimate email receivers -- such as you -- don't have to read and
process junk email.

* BS: This is about as profane as I will get in communications with a
client, although in situations like this it's getting more and more
difficult not to turn the air blue. It's an adjective, a noun, a verb
and probably various other parts of speech. If you're unclear on the
meaning, that's what Internet search engines are for.

* SMTP: Simple Mail Transfer Protocol. This protocol is how mail
servers communicate with one another, and the term "SMTP" is also used
as an adjective.

* Various other colour lists: They exist, but neither Afrihost's
domains nor IP addresses are in any, so I won't get into what they are
and are not.

I took a look at [YOUR WEBSITE]. I note that
(assuming that's you) you're involved in "Compliance & Business
Solutions", and that, "[You] believe that great businesses are built on
strong systems, clear strategy, and full compliance." Email is all
about "compliance" with "standards" which, as benign as that word
sounds, are actually the non-negotiable "rules" that have to be
followed to get an email message from point A to point B. Afrihost have
made all sorts of claims in the email you forwarded to me, but they
have not told you how you can check on those claims. On the other hand,
NinerNet has shown you all the third-party evidence that backs up the
claims I've made.

I will address some of the things they have said:

* "We’ve confirmed that the messages from [YOUR EXTERNALLY HOSTED EMAIL
ADDRESS] are successfully sent and accepted by the outbound mail relay
(smtp.ucebox.co.za) with a 250 OK response, indicating successful handoff.":

* While I'm willing to accept that someone has made a mistake in their
rush to get to the next complaint from one of their customers and I
don't want to be pedantic, an "outbound mail relay" does not "accept"
email messages (as far as this issue is concerned), it offers/sends
them. The "250 OK response" is what they see in the logs on their mail
server, but since they didn't actually provide the specific lines of
the logs (with dates and times) NinerNet has absolutely no way of
correlating their claims against the corresponding lines in the logs of
our mail server. This is how auditing works, as you would very well
know from the list of qualifications on your website.

* "Additionally, the same emails are being successfully delivered to
[HOTMAIL ADDRESS], which confirms there’s no issue on our end
with sending or authentication (SPF, DKIM, and DMARC all pass":

* Again, NinerNet is not Hotmail and doesn't know how Hotmail servers
work. It does *not* confirm *anything* other than the fact that Hotmail
and NinerNet handle email from blacklisted IP addresses differently. And
they didn't tell you how to confirm that their claims that their "SPF,
DKIM, and DMARC" all pass. I took a quick look at some of their public
DNS records -- did I mention how many hours I've already spent on this
reply? -- and at least one of them are broken. It's not a significant
one, but if they can't get one of them right how and why should I or
you assume that they got the rest of them right?!

* "You may check if there is [sic] any server-side filters or rules
that might be rejecting, flagging, or silently discarding these
messages. if not, you may whitelist the domain at the [YOUR DOMAIN]
side and check again.":

* This is a good idea. I have checked whatever blacklists you might
have in place through the control panel on the mail server and you
don't seem to be blocking anything relevant, but you will have to log
into the webmail to see if there are any filters in place there that
could be causing a problem. I have looked for ucebox.co.za and the IP
addresses that smtp.ucebox.co.za uses in our server-wide blacklists,
and they are not there. That means that if email from their servers to
our server are bouncing -- that hasn't explicitly been stated -- then
they're bouncing because of the blacklists their servers are in. This
means that the blacklists are working as intended and as advertised,
which I consider to be a good thing.

While in the control panel I had a look at the logs of email you've
received at [YOUR DOMAIN], and I note four recent email messages
successfully received from [YOUR EXTERNALLY HOSTED EMAIL ADDRESS]:

* RE: Bank confirmation letter, Lease agreement and Invoices.
* 2025-07-26 11:44:09 CAT

* TEST
* 2025-07-27 12:23:03 CAT

* Last Test
* 2025-07-27 12:23:15 CAT

* test new
* 2025-07-27 17:08:37 CAT

Those were all successfully received, which makes me wonder why I have
spent six hours writing this email. For that reason I will end this
message here and claim, like Afrihost, that there is no problem.

Craig

On Sun, 2025-07-27 at 15:07 +0000, [NINERNET CLIENT] wrote:
> Hi Craig,
>
> Trust you are well? Please see below emails and my back-and-forth
> exchange with Afrihost. None of my emails from my [EXTERNALLY HOSTED DOMAIN]
> domain is being received by our [NINERNET-HOSTED DOMAIN]. are you able to check
> into it please?
>
> Thanks and Regards,
>
> [NINERNET CLIENT]
> [PHONE NUMBER]
>
>
>
> From: Afrihost <hosting@afrihost.com>
> Sent: 27 July 2025 16:59
> To: [NINERNET AND AFRIHOST CLIENT]
> Subject: [#PXQ-982-73116]: blocked emails
>
> Hello there.
>
> Following up on the issue regarding non-delivery of emails to
> [NINERNET CLIENT]:
>
> We’ve confirmed that the messages from [AFRIHOST-HOSTED EMAIL ADDRESS]
> are successfully sent and accepted by the outbound mail relay
> (smtp.ucebox.co.za) with a 250 OK response, indicating successful
> handoff.
>
> Additionally, the same emails are being successfully delivered to
> [CLIENT'S HOTMAIL ADDRESS], which confirms there’s no issue on our end
> with sending or authentication (SPF, DKIM, and DMARC all pass
>
> You may check if there is any server-side filters or rules that might
> be rejecting, flagging, or silently discarding these messages. if not
> , you may whitelist the domain at the [CLIENT'S DOMAIN] side and check
> again.
>
> Regards,
> Sreehari RS
> Check out some of our hosting tutorials by going to the following
> link:
> https://answers.afrihost.com/video-hosting

--
NinerNet Communications | Craig Hartnett
* https://www.niner.net | [EMAIL ADDRESS]
Phone: +1 604 630 1772 | +260 96 209 8871 | 1 855 NINERNET

We do not have these discussions with our clients about ISPs and mail service providers in Europe, North America, South America, Asia or Oceania. Incompetence seems to be concentrated in South Africa.

Tags: afrihost, email, reputation, xneelo
Categories: Warnings
2 Comments »

Our new rates

16 February 2025 22:43:33 +0000

We sent the following information to our existing clients on 14 February 2025:

As we advised on 29 November 2024, we have a new retail rate system. These rates are already in effect for new clients, and they go into effect today for existing clients. Invoices issued this month will use the new rates.

Our rates page will be updated next week, but here is a summary of the changes:

Web hosting: Hosting a website will now cost only US$10/C$15 per month, down from up to US$40 per month. (More on exchange rates in a moment, especially for you Canadians.) As we said in November, this will cover websites of all sizes that we currently host. If a company with a website the size and complexity required by the likes of Google or Microsoft shows up, this will not apply, and we will quote on their specific needs. Aliasing additional domains to the same website will be done at no additional charge.

DNS/nameserver hosting: NinerNet will provide DNS hosting for US$20/C$30 per year per domain, which is the same as our current rate. Almost all of our clients have only one domain. If a client has two domains (for example) aliased to the same email and/or web hosting we will offer significant discounts. So if someone has example.com and example.net pointing to the same website and/or the same email accounts, they will not both be US$20 but the second will be discounted.

Email hosting: We will no longer offer “bundles” of email accounts: if you want one email account, you will pay for one email account; if you want a thousand email accounts, you will pay for a thousand. No longer do you have to upgrade to the next package if you want to go from five email accounts to six. Email accounts will be US$4/C$6 each per month and will include 25 GB of disk space — room for about 3.6 million average-sized email messages that don’t contain any attachments like cat videos. 🙂 Of course, some of your emails will contain cat videos, not to mention product catalogues, company videos, etc. That’s OK!; you’re allowed to send and receive those. For managing the amount of space you use on the server we have long recommended an archiving scheme. If you choose not to use an archiving scheme like that, that’s OK, you’re allowed to do that too, and when your email account grows to exceed the 25 GB we include, then we’ll start invoicing you for the additional space you need at the same rate of US$5/C$7.50 per 100 MB per month in 100 MB increments. You can use the mail server control panel to determine how much space each of your email accounts are using.

Other things you should know:

Currency exchange rates: Our rates are based on the US dollar. This is because, as you know, international commerce is largely based on that currency, and American companies have largely cornered the market on providing top-of-the line IT services like data centres. (Largely, not totally.) For currencies like the Canadian dollar the exchange rate has generally remained fairly stable; for the Zambian kwacha this has not been the case, and we revised our kwacha rates quarterly, sometimes putting prices up, sometimes taking them down. Zambians are used to this but Canadians are not. However, due to the unpredictable economic landscape between the US and Canada these days (bad timing on our part!), the value of the Canadian dollar in US dollars has taken a dive. This has resulted in our Canadian-dollar rates increasing. Our current exchange rate of 1.5 will not remain that way for years though, as we’ll keep an eye on it and adjust it if necessary, but likely not more than once a year. When we start to accept payment in kwachas again, we’ll likely go back to quarterly revisions, while the US dollar rates on which other currencies’ rates are calculated will remain the same barring any major changes.

Do I need to pay something different even if my hosting is not expiring for a few months?: No, if you have already paid for hosting and have an expiry date in the future, your rates and your hosting will not change until your next invoice.

Can I continue to be invoiced annually?: This will likely depend on the nature of your account. For many clients you will continue to be invoiced annually if you had previously chosen to be. If you have managed your account in a more fluid fashion, changing the quotas of your email accounts with some regularity and adding and removing accounts more often, then you will likely be invoiced quarterly. This will actually affect very few clients, but it will affect some.

Will the disk quotas of individual accounts be managed and charged for separately?: No, entire domains will be assigned a disk space quota based on the number of email accounts they need. So if a client needs 10 email accounts, their domain will be assigned a quota of 250 GB (10 x 25 GB). If you want to assign a small quota of 10 GB to one account and a quota of 50 GB to another, you can. This would mean one or more accounts could use more disk space than other accounts and not incur greater charges.

We look forward a new rate system that more fairly charges based on actual usage, and doesn’t railroad clients into accepting bigger packages just because they need one more email account. We emphasise once again that most clients will not see their total invoices change, and some will even see their charges decrease. We remain open to any feedback on the new system. Thank-you.

Tags: accounts receivable, billing, email, invoices, paying your bill, paying your invoice, rates, transparency
Categories: Announcements
Comments Off

Microsoft issue update, and our invoices are very late this month

30 June 2024 23:58:21 +0000

Due to a number of factors this month, our invoices are about as late as they have ever been, for those of you who are being invoiced this month.

As is often the case when things don’t go right, there wasn’t any single factor that caused this; it was the result of a number of factors, not the least of which was the considerable amount of time we spent dealing with the block of our mail server implemented by Microsoft. You know how important working email is to you, and it is not lost on us how important email is to you and therefore our business. So we literally dropped almost everything (including this month’s invoicing!) to deal with and mitigate the problem caused by Microsoft. In fact, on 28 June (Friday) we updated our blog post about this at:

NC036: Significant issue with delivery of email to Microsoft-hosted domains

You’ll find the update at the bottom of the post with Friday’s date on it in bold. The situation now is essentially that we are back to where we were before Microsoft started bouncing mail to domains they host on 20 June; in other words, to use the term used by some of you, the situation is “resolved”, and we’re back to dealing with individual bounces as necessary. Email bounces sometimes; it’s a fact of life. It’s the email system’s feedback loop to ensure that you know what has happened to an email you send if it wasn’t delivered as you expect. No news is generally good news, as that means your message was delivered, and now you’re waiting for the human on the other end to reply.

Also in the last two weeks we’ve had to address situations with two clients that were expecting different outcomes on issues they had brought to our attention; one of them has been dealt with as far as we can at this point, and the other will be dealt with right after our invoices go out shortly. We apologise to both clients who had to deal with the fact that we couldn’t give them as much attention as quickly as we usually do when clients need us. As of a couple of hours from now, everything will be back to normal, and we thank those clients and all of you expecting invoices on 15 June for your patience.

The date on our invoices will be 28 June (the most recent business day this month), and the suggested pay-by date is 19 July. However, if you are being invoiced this month please pay close attention to the expiry dates of your services and/or domains, as if they are before 19 July you do either need to pay your invoice before the earliest expiry date noted on your invoice, or contact us to make arrangements to ensure that we are aware that you will pay your invoice so that we renew your domains or services so that they stay online. Those of you who are again scheduled to be invoiced on 15 July will see your June balance carried forward, if you haven’t paid your June invoice yet, but since we don’t charge interest on unpaid balances this will not negatively affect anyone.

We apologise for making you do so much reading lately, and I can assure you that we work very hard to ensure that our systems run as close to 100%, 100% of the time as possible. We’ll never reach 100%, 100% of the time — nobody does, even Microsoft and Gmail — but the closer we can come to that goal, the easier your life is and the easier our life is.

Thank-you, as always, for your patience during troubling times. If you have any questions or feedback, please do contact NinerNet support.

Tags: accounts receivable, billing, email, invoices, paying your bill, paying your invoice, support, transparency
Categories: Announcements
Comments Off

Adventures in blocking spam

7 May 2024 06:42:30 +0000

As we’ve said outright and intimated over the years, the battle against spam is never-ending.

One thing we have noticed in the last year or so is that a huge amount of spam comes from certain TLDs (top-level domains), but blocking entire TLDs is a bit radical. We have generally avoided doing so, but the time has come to block the following two alternative TLDs:

sa.com, and
za.com

These are simply two regular domains, but they are owned by CentralNIC (now “Team Internet” because they can’t make up their minds about how they want to be known) who market them as TLDs — just as NinerNet markets the zam.co domain as an alternative TLD (actually, SLD, second-level domain) for Zambia. Therefore, you can buy the sub-domain your-name.sa.com and your-name.za.com. CentralNIC doesn’t seem to make even a cursory attempt to stop spammers from using their domains to spam, so we now block all messages sent from all addresses on those two “pseudo” TLDs — e.g., spammer1@spammer1.sa.com and spammer2@spammer2.za.com. We’re considering blocking the .top TLD as well, for the same reason, but we haven’t yet. You can certainly block entire TLDs from reaching your email addresses as well, if you feel this rather extreme move will benefit your domain.

If you happen to correspond with a legitimate correspondent on one of those alternative TLDs, please contact NinerNet support and we will work with you to address the problem you will now have communicating with them.

Thanks for your attention to this matter.

Tags: domains, email, scams, spam
Categories: Notices
Comments Off

Email DNS settings

28 February 2024 06:27:08 +0000

A little earlier this month several of our clients with websites contacted us as a result of being sent an email message by their website designer/manager with the subject, “Updating sending DNS for newsletters”. This is as a result of the fact that Yahoo and Gmail recently decided to start enforcing email rules that the rest of us have been following for many years, but since those two providers have a huge share of the market, when they sneeze the rest of us catch a cold.

The fact is that all domains we host are already configured to follow all the rules to ensure that your messages are securely received by destination mail servers, so you and we are already in compliance with the rules that Gmail and Yahoo have just finally woken up to.

The only difference of which some of our clients need to be aware comes up when they’re using a mass-email provider to send out mass emails. As we have long advised, even though that particular post is from only last year, we strongly suggest that mass emails be sent using a service provider that specialises in that service; NinerNet does not. Yes, we have an option in our mail server’s control panel to create mailing lists, but doing so is inadvisable unless you’re just creating a very small list of your own employees, or maybe a few of your customers … with “few” in this case being defined as only a few dozen, definitely fewer than 100. If you have more than one hundred, which we certainly hope you do, then please use a company like Mailchimp. (They’re just one example; we don’t have any sort of deal with them.) Getting many emails out to many recipients successfully is not for the faint of heart; it’s a time-consuming process involving staying on top of all of the rules to avoid spam filters that enforce those rules and deem messages as spam if they are not following all the rules. And it’s especially time-consuming to prevent spam from being sent out using those services!

To follow the instructions that your mass-email provider provides you will need to log into and check the DNS settings for your domain in the nameserver control panel, and either add the records they suggest or modify the ones that already exist. For example, your domain already has an SPF record, so you will need to modify the existing record while keeping the information that the existing record already contains. If the instructions you’re following don’t make it clear how to do that, please contact NinerNet support and we will assist you.

Thanks.

Tags: dmarc, dns, domain-based message authentication reporting and conformance, email, mass email, sender policy framework, spf
Categories: Notices
Comments Off

Help! My email account is running out of space!

19 February 2024 05:39:00 +0000

Occasionally, and even more often lately, we’re asked — usually indirectly, because the “question” is more the statement that is the title of this blog post — about disk-space management when it comes to the limited email quotas that exist in every email account in the world, despite claims of “unlimited” this and “unlimited” that made by shyster hosting companies the world over.

Contrary to popular belief, you are not obligated to delete messages; you only have to move them off of the server. You can very easily do this in any full-featured email program by creating folders that are on your hard drive, as opposed to the server. Then you can archive messages by dragging them to your “local” folders, which moves the messages off of the server onto your local hard drive.

We really should create some detailed instructions on our website for this, as we’re finding this come up more often. For now though we’ll point you to this link:

Add Local Folder to Outlook to Free Mailbox Storage space

Here it shows you how to create local folders, which it also calls “personal” folders for some reason, perhaps because of Microsoft’s terminology. This will mean that you will continue to have these messages (they’re not deleted), but they just won’t be available in the webmail or whenever you’re accessing your email that is stored on the server itself, such as possibly on your phone.

It refers to this page on the Microsoft website:

Create and Use Personal Folders

The video there seems to be a good summary of what you need to do. There’s a warning at the top of the page that states, “Support for Office 2013 has ended”, but the same principle applies even if the actual technique of creating local/personal folders has changed more recently in Outlook, or if you’re (very smartly) using a different email program. It has been years since I did this in Outlook myself for a client, but it works very well.

I do the same about monthly on my own computer. Once a month I archive all emails from two months previously into “local” folders on my own hard drive, thereby freeing up space on the server. The local folders are organised by year and month, so they look like this:

2023
- January
- February
- March
- etc.
2024
- January (to be created in March)
- February (to be created in April)
- March (to be created in May)
- etc.

Then, next month (March, since this is being posted in February), I will just drag all of the emails I received in January into the local “January” sub-folder under the 2024 folder. I also create a folder hierarchy for my sent messages, organised in the same way by year and month. This way I always have this month’s and last month’s emails on the server (and available on my phone or in the webmail), and anything before that on my own hard drive. However, you can archive messages by any scheme you desire, not just by date. And, of course, if there are special messages that you want available on the server at any time, just move or copy them into folders you create on the server.

We’re all used to being aware of the fact that our hard drives are finite, even though they grow exponentially every time we buy a new machine, so we don’t save every awesome cat video we see and install software as if there’s a race to install all the software we can before we die. It’s the same with our email accounts, although on a much smaller scale.

Yes, it’s great that we can use IMAP on multiple machines or devices to have access to all past messages wherever we are at any given moment. But do we really need access to that message from 18 October 1987? Sure, there may be the occasional need to have access to a really old message — especially in industries where that is regulated by law — but not necessarily at our fingertips 24/7.

We hope that helps you understand how email works. And this applies to all email accounts with all providers, even Gmail. Daily (including at this very moment as I write this) we see outgoing messages queued on our mail server for Gmail accounts that are full. Usually they bounce after a few days unless the Gmail account owner clears up some space, usually using the technique above.

If you have any questions at all about this, and you are a NinerNet client (or want to be), please feel free to contact NinerNet support. Thank-you.

Tags: email, quota, webmail
Categories: Notices
Comments Off

Why do I get so much spam?

14 February 2024 12:55:34 +0000

NinerNet hosts email. The one thing that this guarantees us is to receive complaints about spam. Unfortunately, we’re not a monolith like Google, so we need to reply to these. Try sending an email to support@gmail.com and see what you get. Silence.

So the point of this post is to try and help people understand why they get spam at all. This has nothing to do with your email hosting provider. Well, I can certainly guarantee that NinerNet is not selling your email address(es) to the spammers, otherwise we’d be rich! But we don’t need to sell your email address. If you create the email address your-common-first-name@your-domain-that-is-publicly-known.tld, bingo, the spammers have your email address. What about that support address above? That’s what’s called an RFC 2142 address. RFC 2142 (“Mailbox Names for Common Services, Roles and Functions”) outlines a list of email addresses that are supposed to exist on every domain, and one of them is support@. They are:

abuse@
ftp@
hostmaster@
info@
list@
list-request@
marketing@
news@
noc@
postmaster@
sales@
security@
support@
usenet@
uucp@
webmaster@
www@

You probably have one or more of those addresses on your domain. Congratulations! You’ve just painted a target on your back, or maybe seventeen of them to be precise.

Other ways spammers get your email address:

Websites: Don’t post your email address on the Web! Even on your own website. There are crawlers/spiders automatically collecting those addresses every minute of every day. If you post your email address on your own website, it will receive spam within days, maybe even hours!
Unscrupulous suppliers: This has always been a bugbear. Of course, if your supplier happens to have millions of customers, it would be tempting for them to sell your email addresses. Some disguise this as “sharing your information with trusted partner organisations”. Of course, their definition of “sharing” has a dollar figure attached to it, dollars they will never “share” with you.
Crackers: Ever had a virus on your computer? Your email address and the email addresses of all of your correspondents are probably not the only thing you’ve handed over.
Friends: You know that idiot friend or relative of yours that sends out joke emails with hundreds of email address in the “to” and “cc” fields? Yup, thanks Aunty Betty / Uncle Bobby.
Forwarding: This is one the things that has driven me crazy since the 20th century! It’s bad enough that your friend/relative has sent you the world’s funniest email joke in the history of humanity, but they copied it to a thousand of their closest friends and relatives by putting their email addresses — including yours! — in the “to” and/or “cc” fields so that everyone can see them! And then, to show how ignorant some of their friends and relatives are, some of them forwarded the same email with all of those addresses still exposed in the body of the message. Those email addresses are all then exposed to whatever malware comes along on any of the hundred or thousands of computers on which those emails are stored. But it’s not just ignorant friends and relatives that do this; I’ve seen supposedly professional IT people do this in professional, business emails!
Hacked databases: Related to the “unscrupulous suppliers” point above is the fact that the databases of said suppliers are hacked all the time.
WHOIS: If you’ve registered a domain, the domain registry likely has your email address in a publicly-accessible database called the WHOIS (“‘Who is’ the owner of this domain?”). Thankfully, when the GDPR was implemented in the European Union in 2018, the biggest registries in the world — the ones that run the gTLDs (generic top-level domains) — were forced to take their heads out of their nether regions and stop publishing that information. But sadly, some ccTLD registries still have their heads planted firmly where they’ve always been (can anyone say dot-zm?) and they still make this information freely available to spammers scraping the WHOIS, despite their feeble disclaimers.
Viruses and other malware: If one of your contacts’ machines or devices are compromised by a virus, one of the purposes of that virus is probably to spam you, or send copies of the virus to you.
Subscriptions: If someone is trying to get your email address for their newsletter, maybe they also want it to sell it.
E-cards: Awww, it’s so lovely to send your valentine (or wannabe valentine) a valentine “e-card” … or Christmas card, or birthday card, or …. You probably didn’t ask for their consent first though, so you’ve essentially just screwed (and not in the way you or your valentine want to on Valentine’s Day!) your valentine’s email address for the rest of his/her life, or the life of that email address.
Signing up for stuff: Whether it’s a free report or white paper or signing up for a class at a local community centre, you lose control of your email address the moment you give it out to anyone. Some websites exist simply for the purpose of collecting email addresses in this way, a cute, shiny bauble for your email address. Are you really going to read their hundreds of pages of terms and conditions to realise how your email address (and you) are going to be abused? Didn’t think so.
Phishing: Phishing emails essentially just try to trick you into doing something you normally wouldn’t do. Of course, they already have your email address from any of the methods listed here, but they want more than just your email address, and perhaps what they want are the email addresses of all of your contacts. Often they can get these if somehow you give them to them (LinkedIn) or they can get if you give them the password to your email account where you might have them saved.
Plug-ins and apps: Be very careful of plug-ins and apps that may be copying all of your contacts and sending them to whoever is controlling the app or plug-in. Be especially careful of apps and various social media websites (such as LinkedIn) that helpfully offer to send invitations to your contacts! We mention LinkedIn in this regard especially, for these three reasons:
- Use of e-mail accounts of members for spam sending,
- Perkins lawsuit (related to the above), and
- Moving emails to LinkedIn servers.
Brute force: Besides the technique mentioned where spammers send to a list of common names on all domains, they can simply send to a@example.com, b@example.com and so on, and then start again at aa@example.com, ab@example.com and so on. The terms “brute force” and “dictionary attack” apply here.
Buying it: The other side of any of the above transactions happens when anyone who has obtained your address by one of the methods above sells it to willing buyers. You yourself have probably been spammed by people offering to sell you lists of email addresses, all of which would have been acquired by one or more of the techniques above.

If even one of the above applies to you, you have signed the warrant to have your email address spammed, but chances are that you have committed several of the above, compounding the problem. Again, it’s not your email provider’s fault that you get so much spam.

How can I receive less spam?

Two VERY effective ways to avoid spam are to use “supplier addresses” and rotating temporary email addresses. Let me explain both:

Supplier addresses: For many years I’ve operated a system of what I call “supplier addresses”. If I’m dealing with Twitter, for example — not that I use their name because they were mentioned in recent news about a data leak — I create the email address “twitter@mydomain.com”, and I only give that address to Twitter, nobody else. (Actually, don’t create a new email address, just create a free alias for the email address that will receive email from that supplier.) Yes, I have the email address my-common-first-name@mydomain.com, but the only people who get that email address are my family, friends and existing clients. Nobody else on the planet gets that address, and I certainly don’t enter it into a form field on a web page and I don’t post it on the Web! So if Twitter (in this example) sells my email address or is hacked, I know exactly who let my email address into the wild. To be frank, that hasn’t happened to me many times, but I quickly realised that it does happen, so the email aliases I create now all include a number (e.g., twitter123@mydomain.com). If the email address is compromised I just change the number and inform Twitter by changing it in my account with them and kill the old alias. My numbering follows a system, but you can make your own rules.
Rotating temporary email addresses: I link above to the service that NinerNet provides, but at this point it’s a very limited, non-automated service with very few customers. However, it’s not rocket science and you can do it yourself on your own domain. For example, if your primary address is bob@yourdomain.com, create a free alias for this month called “bob2402@yourdomain.com” on that address. I also create one for last month and one for next month, to ensure continuity when the month changes over. (The numbers in this example are obviously two digits for each of the year and the month.) Now you can give out the temporary alias to whoever you want with no concern at all about being spammed. Want to download that “free” white paper? Give them your temporary alias secure in the knowledge that when (not if) they start spamming you it will probably be after that email ceases to exist. Then at the beginning of next month, just delete one alias and create the next. In February I will have an alias for last month (2401), this month (2402), and next month (2403). On 1 March I will delete the January alias and create the April (2404) alias. If you have a contact form on your website for new customers to contact you, reply from this month’s temporary alias until they become a new client. At that point you obviously have to throw caution to the wind and start using your “real” email address, but you’ve already done a lot to hugely reduce the amount of spam you will receive from not following any precautions at all.

With a little imagination — but feel free to contact NinerNet if you need help — you can apply the above principles to all of the email addresses in your company, whether it’s just you or you have a thousand employees. They will drastically reduce the amount of spam you and your employees receive, before your email service provider’s anti-spam system even kicks in.

They key point here is that you need to practise “email hygiene”. How is your email hygiene?

Tags: email, phishing, rotating temporary email, scams, spam
Categories: Notices
Comments Off

Email restrictions reminder, Phishing

13 December 2022 05:00:02 +0000

As Christmas rapidly approaches, we’d like to remind you of two limitations to keep in mind with respect to sending email, and to implore you once again to take phishing scams seriously.

Sending limits

Within the last year or two we have had to implement a limit of sending to 300 email recipients per day per email account. This is a limit that hardly anyone runs up against, but it does happen. The reason for this is quite simple: email accounts are hacked when a computer or phone is compromised, and the person or organisation who has compromised the account then uses the account to send spam or phishing messages. If there was no limit on how many messages can be sent in a day they’d send millions! If this happens, our IP addresses are blacklisted and then none of our clients can send any emails outside of our network.

With this limit in place messages to only 300 recipients can be sent, and by the time the 24 hours are up a compromise will have been noticed, and the password for the email account can be reset. (We often notice these spam runs when they are in progress, and they are shut down before more than a few dozen are sent.) Experience has shown that if 300 such messages are sent, that seems to be just below the point at which damage to our IP addresses’ reputation is done. We experimented with a limit of 400, but damage was still done.

If you’re going to send messages to a few hundred or thousand of your customers we suggest the following:

If you regularly want to send that many emails we strongly recommend that you use a company such as Mailchimp.
If you have a one-time need to send a lot of emails, break your list up into groups of 300 (or just under 300) and send that many a day.

Please note that however you chose to send mass emails you must have documented proof that you’ve received permission from the recipients to send them non-personal emails like this. If you don’t have that permission, then don’t send them those emails. It’s quite simple. If you don’t have permission you cannot defend yourself against accusations of spamming, and you risk your account being suspended and removed.

Also note that the limit is the number of recipients. If you send an email to Bob, copy it to Jane and blind copy it to Jim, that’s 3 of your 300 recipients (not “1 message”). If you send another email to the same people, that’s now 6. If you send one email blind-copied to 300 recipients, you’re done for the day and you can go home. 🙂

Sending restrictions

We often see clients trying to send emails with restricted attachments. Our mail server stops emails with executable attachments (.exe files, for example, but there are more and it’s not the file name extension that determines if a file is executable) and documents that contain macros, or scripts that can be executed when the document is opened. These cannot be sent by email because they could contain malicious code. If you want to send these files to someone else we suggest that you either use what’s called the “sneakernet” — put the file on a flash drive and walk it over (perhaps wearing “sneakers”) to the person you want to give the file to — put the flash drive in the postal mail, or upload the file to a website or file upload service from where someone can download it.

Many office-type documents — spreadsheets, word processing documents, slide shows, etc. — contain macros (scripts), which you may or may not be aware of, and if you’re trying to send them they will not reach the intended recipient. Sometimes when you create a PDF file from an office document the scripts are embedded in the PDF, and those will be blocked for the same reason.

All email services — even the biggest ones — have these restrictions so that the email service as a whole can still be useful to the people that use it. If we don’t stop these kinds of emails from going out, the recipients’ mail servers will stop them from coming in.

Phishing

We desperately want to remind you yet again — we know, it sounds like a recording — about email scams, and in particular “phishing” scams. These scams happen. They happen to you. They happen to our clients. 2022 was a record year for our clients, and not a record to be proud of. Just among the clients we know of, over US$100 000 was lost as a result of phishing scams. This is shocking; this is heartbreaking. It doesn’t need to happen.

Treat every email you receive — even this one! — with suspicion. Rather than looking for signs that an email might be a scam, just assume it is! Then look for the signs that it isn’t a scam. Instead of memorising an interminable list of things to look for that show an email is a scam, instead simply ask the message to prove to you that it really is from the person who claims to have sent it, and that the request it contains is legitimate. Did NinerNet really just send you the email you received that is asking you to verify your email password, or upgrade to some service that we don’t even offer? No, we didn’t send that email. We just don’t send emails like that, and neither does any other mail provider … or bank, or life insurance company, or …. Almost nobody sends a legitimate email claiming that you have to pay an invoice in a different way to how you’ve been paying that company for years! Yes, your suppliers do change banks occasionally, but if they do they will give you plenty of notice, not send you a frightening message out of the blue demanding that you send them money to a different destination or have your service cancelled. It just doesn’t happen like that in the real business world. THINK! BE SUSPICIOUS!

You should learn more about email scams and phishing. Read these links:

NinerNet blog on Scams
NinerNet blog on Spam
Wikipedia on Phishing
Man-in-the-middle attack
- This attack was used to steal about US$50 000 from one of our clients and their clients.

If you have any questions about any of the above, please do let us know. Thank-you.

We will have one more email for you before the end of the year, with information we’re excited about because we hope it will improve our email infrastructure in 2023. We hope you’ll like it too.

Tags: email, email sending limits, email sending restrictions, phishing, scams, spam
Categories: Notices
Comments Off

Shaw continues to have problems receiving email

17 August 2022 11:36:57 +0000

We’ve posted countless times now about this, and really, this is likely to be the last time. Shaw’s email filtering sub-contractor continues to block legitimate email from NinerNet servers. This legitimate email includes messages from banks, universities and the like. We’re not talking about spam here, but legitimate financial and business email.

As we’ve said before, we strongly advise that you do not use automatic forwarding of all messages. There are actually very few, limited circumstances under which this is necessary. If you’re not clear on why, please contact us to ask and we’ll be happy to discuss this with you. There may be something related to email you’re not fully understanding.

In other Shaw-related news, NinerNet was not affected by the Rogers outage last month. This is Shaw-related because Rogers will very likely be taking over Shaw, which means that future Rogers outages will be spread, like a virus, to the Shaw system too. Thankfully, none of NinerNet’s systems rely on Shaw or Rogers at all. This is a design choice that we made long ago.

Tags: deliverability, email, reputation, rogers, shaw
Categories: Notices
Comments Off