Archive copy of letter sent to ArgoNet subscribers - 8th Feb 2005
Spam and Bounced E-mails - On Sunday 19th June 2016 a customers e-mail login details were appropriated which allowed a valid login to occur on our mail server. After this the spammers proceeded to use the server to spam for approx 6-9 hours as we became aware of this situation we suspended the account cleared the spam and our servers. At this point the procedure is to fill in various forms to explain and request that we are removed from any blacklists that we have been put on. This was all done by the evening of the 19th June. The 2 major lists we were placed on were Google and Microsoft. Over the next week Google have responded and we have been removed from there servers. However Microsoft appears to be a lot slower in doing this and as they do have a lot of mail servers worldwide (Orpheus only has 6) it has been a much slower/patchy recovery. As I write 30th June we have some customers who can now send to MSN Hotmail Yahoo Live.com Outlook.com addresses and also some who still can't. I have spoken to a network security expert at Cambridge University who has informed me that when one of there devices was used in a spamming incident they were still having problems a month later. I hope our listing will be sorted by then but it is an automated system and once we have done our part we are reliant on other people/companies to do there part. This is a very good reason why we have difficult passwords and always ask customers to be vigilant with there details as a lapse causes a huge amount of inconvenience to us all.
*Update 4/7/16* I have just been informed that there are approx 100,000 servers run by Microsoft. This means the removal from the blacklist will take some time as it propagates across them.
*Update 7/7/16* Following testing we have found that our smtp2 authenticated server has not been listed therefore switching to use that server will serve to allow sending of mail to all domains. If you do not currently have access to this server please get in direct contact with the office and we can arrange for that to happen.
Bash Vulnerability - All the Orpheus servers are patched with the latest updates and are not vulnerable based on the data released so far. However, further updates are expected and these will be applied once released. We do have one very old web server that runs a aversion that will not be updated. This server has a handful of websites on it. It has been in the process of being migrated to our new servers so this process will be sped up, so that we can turn this server off asap. Details can be found here.
Service loss - Yesterday evening (26th Jun 14) a switch module went faulty in the building that houses our Orpheus servers. The unit has now been reset and the fault is being investigated with a view to replacement if required. The loss of connectivity affected all servers on this particular module including ourselves. We have now placed extra instructions on the servers so if this should happen again the port which did not reset will now do so automatically after 30 secs. We also have taken note of the fact that we currently do not have a backup status page for our customers to go to in events like this. This will now be addressed asap so that we can keep you informed in the future.
Bleedbug Info - The Orpheus servers are based on CentOS Linux. Version 5 runs a version of openssl that is not vulnerable and version 6 received an update on the 8th April. All the servers automatically updated on the night when the patch was released. The only systems that actually use SSL certificates, are the Blue Onyx as they run self-signed certificates for httpd connections for us and our customers to login for system administration. We've created and installed new self-signed certificates on the servers so our customers will get a warning message to trust the new certificate when they login next.
Net Station compatibility - We've now acquired the capability to re-program NC/set-top box smart cards in order to connect to Orpheus. If you would like us to re-program your smart card, please return it to us together with a stamped addressed envelope and a cheque for six or twelve months subscription. We will setup a new account and return your smart card, reprogrammed to connect to Orpheus Internet.
Voyager update v1.02 now available - A minor update to VoyUpdate, which allows you to over-rule the disc checking, just in case VoyUpdate thinks there's not enough space on the hard drive to make a backup, when there is.