Category: Announcements

No Spamhaus DNSBL Support

Post author By Roller Network
Post date July 8, 2014

We have regretfully removed support for Spamhaus from our mail service DNSBL filter. Our paid account structure model unfortunately doesn’t correlate with how DNSBLs like Spamhaus (and SURBL and URIBL) charge for their data: they assume user counts, but at Rollernet we don’t count domains, mailboxes, valid users, features, etc. This is somewhat unique. Most similar providers charge for these items individually or have package limits. In our case our uniqueness of not tracking per-user stuff (which means we aren’t charging for things like total number of mailboxes) and allowing full customization to DNSBL settings (where customers can exclude DNSBLs entirely) is incompatible with other subscription services that assume this cost has been accounted for.

To bring services like these back in the future we may consider adding a special subscription option to allow use of these DNSBLs so that we can track their costs and only apply them to that accounts that are using them. This will allow us to match their pricing models without raising our prices across the board or switching to a per-user model ourselves. If it pans out we’ll post an update. But for now, the removal of support is final.

Announcements

4th of July Holiday

Post author By Roller Network
Post date July 1, 2014

Our office will be closed on Friday, July 4th 2014 in observation of Independence Day (US Federal Holiday).

Customers requiring emergency assistance during this time should refer to their welcome sheet for contact information.

Announcements Status

DNSBL: AHBL Closing Down

Post author By Roller Network
Post date April 15, 2014

The AHBL DNSBL is closing down and emptying its DNS zones. As such, we will be removing all *.ahbl.org configurations from customer DNSBL settings.

See the announcement at: http://www.ahbl.org/content/changes-ahbl

Announcements Status

OpenSSL “Heartbleed” Vulnerability Statement

Post author By Roller Network
Post date April 10, 2014

The Heartbleed Bug is a major vulnerability in the OpenSSL library. OpenSSL is extremely popular and is used as the cryptography library behind the scenes for countless secure applications. By now you’ve probably heard about it and its widespread implications. We’re not going to rehash it here, see: heartbleed.com

Roller Network uses Debian Linux as the OS of choice for our servers. However, we do not generally stay on the “bleeding edge” of updates, and in this case that has served us well.

Debian 6.0″squeeze” utilizes the OpenSSL 0.9.8 release. This is the previous stable release. (See debian.org/releases/ for more information.)
Debian 7.0 “wheezy” utilizes the OpenSSL 1.0.1 release. See: http://www.debian.org/security/2014/dsa-2896

OpenSSL 0.9.8 is not, and has not been, vulnerable to “heartbleed”. Only the newer OpenSSL 1.0.1 through 1.0.1f is vulnerable.

So where does that leave us? The good news is that we were still Debian 6.0 “squeeze” at the time of this security fiasco because we don’t like to jump right into the latest release for the sake of updating. The Debian security team still provides security updates to the previous stable release (also known as “oldstable”) for a period of time, so we’re in no rush to upgrade. Specific software that we do want to have newer versions of are either obtained from Debian backports or compiled manually. We like to take a wait-and-see approach before upgrading Debian distributions.

Here’s a rundown of the major services:

Incoming mail servers (MX servers): Debian 6.0; not vulnerable, no risk.
Hosted mail services (POP3, IMAP, Sieve): Debian 6.0; not vulnerable, no risk.
Outbound mail services (SMTP AUTH, smarthost): Debian 6.0; not vulnerable, no risk.
Webmail clients (Squirrrelmail and Roundcube, EV cert): Debian 6.0; not vulnerable, no risk.
Primary and Secondary DNS Servers: Debian 6.0; not vulnerable, no risk.
Account Control Center (acc.rollernet.us, EV cert): Debian 6.0; not vulnerable, no risk.
LDAP, RADIUS, and SQL database servers: Debian 6.0; not vulnerable, no risk.

This is great news for our customers: at no time were any password-accepting Roller Network servers running a distribution that was affected by “heartbleed”. We did have an internal server in the office running Debian 7.0 and it’s been patched, SSH keys regnerated, and its SSL cert (signed by our internal CA) reissued.

Announcements Changes Status

Facility UPS Maintenance

Post author By Roller Network
Post date March 8, 2014

Twitter posts for this event start at: https://twitter.com/RollernetNV/status/445230635582386177

UPDATE 2014-03-16: UPS maintenance successfully completed!

We are working on scheduling an upcoming facility UPS maintenance and start-up with Eaton to take place on Sunday, March 16th. no earlier than 17:00 Pacific time Friday, March 14. We have requested March 15th or 16th, or the following weekend (21st after 17:00 or 22nd, 23rd). Once we have a firm date and time we will publish a facility maintenance notification online and direct to customers by email. We are also planning to provide live updates during the procedure.

Earlier this year we purchased another Eaton UPS to bus-tie into the existing parallel/redundant tie panelboard. This will add another 30kVA of capacity to the system and allow us to finish selling the remaining colocation space in Phase I with the goal of reaching “sold out” status. However, to tie in another unit requires a factory technician to commission the new UPS on site and placing the existing system into bypass for a short time. There is also a risk of start up failure on the newly installed unit, as with any untested piece of equipment. At this time the new unit is installed and fully wired with input/output breakers open, waiting for start up.

UPDATE: This is scheduled for all day Sunday, March 16th.

UPDATE: We will update this post as needed during the event and possibly live-tweet it. You can follow @rollernetnv on Twitter or watch the feed on rollernetstatus.com