Categories
Announcements Status

Potential Spam Issue with Account Emails

This morning we received a disturbing report of a potential issue: a customer with an email address unique to our service received a spam message at that address. Throughout the day we subsequently received two more identical reports leading us to believe there is a potential issue. We are extremely disappointed that information associated with Roller Network may have been leaked in any manner, whether it’s our fault or not, tarnishing our otherwise flawless record up to this point.

The only common thread that these reports have is that they have submitted a payment via our merchant account, which is the only time an email address in our database was associated to something outside of our account control center. As a precaution we are no longer submitting email addresses with transactions of any type; we have changed our side to send a generic email address under our domain. It is unique (just created today) in case we should see any activity at it. While we have notified our card processor of a potential problem, we have not been able to confirm it with them at this time.

If you have used a unique email address with our services, please report spam to us immediately. Specifically, we are interested in accounts that used different billing and contact addresses. If the billing email address received this spam while the contact address did not, then we can narrow our investigation. Please send them to our support address.

Spam Details

The type of spam that is being propagated to the unique addresses is specific and virtually identical, but uses some phrasing variations to evade content filters. A sample of one of the reported spams is as follows:

Hey.
I am contacting you regarding your adult profile.
I find your message on adult site nice.
I am nice looking female. I am moving to your place in few weeks.
and searching for a male to show me the place.
We could see if we have the chemistry between us.
I am sending you my snap.
I am coming from Russia.
I'm outty

Another variation might be:

Wassup?
I am contacting you regarding your adult profile.
I find your message on adult site interesting.
I am pretty looking lady. I am coming to your place in few weeks.
and looking for a guy to show me around.
This way we could discover each other.
I am sending you my photo.
I am coming from Russia.
See ya

In all cases the spam has been sourced from throwaway Hotmail addresses and includes an image attachment. We have verified that the test accounts we maintain – at the time of this writing – have not logged any attempts with hotmail addresses or spam of this nature.

Our Policy

Roller Network as does not (and will never) sell or distribute email addresses from our records; we do not employ any marketing or sales staff. The database that holds account information is not directly accessible over the internet, and operates within a extremely limited scope of access from systems that do. Most notably it is only accessible via the account control center, and never as a whole. All database queries consist of the account’s unique ID and use prepare/execute with bind values. Also, the forums and this newspipe are explicitly independent for reasons such as this. However, we are checking the account control center as a precaution.

Our database also contains test accounts. Thus far we have not seen any matching activity on the email addresses associated with those accounts. (These accounts have never been used with live payments.)

Categories
Status

Array BBU on “mail2”

This morning we received a diagnostic notification from the array controller for MX record mail2.rollernet.us that the battery backup unit (BBU) heath check had failed. As such, we will be replacing it ASAP as an emergency maintenance event. There is no major operational impact from this event as the array continues to operate in a failsafe mode without its write cache enabled. We will update this post when we set a time to replace the BBU.

[20100914 11:53] The replacement battery has arrived. We are preparing to remove the affected server from the rack; replacing the BBU requires the server to be powered down.

[20100914 12:07] BBU replacement in progress.

[20100914 12:21] BBU replacement complete.

Categories
Status

POTS Line Work

We will be doing some unplanned work on our POTS lines throughout the day. Our call volume is typically extremely low and while we will endeavor to keep interruptions to a minimum, if you do happen to call us with a “ring no answer” please wait a few minutes try again. No services will be affected other than our main voice phone number.

UPDATE: This work has been completed. (16:41)

Categories
Announcements Changes Status

Default DNSBL Change

This post has been removed; it was being used to further a disagreement between third parties unrelated to Roller Network. A screen capture of the original is below.

We, as a hosting provider or ISP, are not in the position to judge what may be “objectionable” content because everyone will have a different opinion.

Categories
Status

Hosted Mail Outage

One of the servers in an active/standby pair that’s part of our hosted mail service locked up for reasons unknown at this time. The standby didn’t automatically take over so we cut power to the active server to force the standby to promote itself to active. Master ticket ID 2125. We are seeing a successful takeover by the standby at this time and services have been fully restored.

Timeline

[2010-06-09 13:06:04] First soft alert of POP3/IMAP connections refused.

[2010-06-09 13:08:04] Hard outage alert for NOC response.

[2010-06-09 13:13:36] Powered off “active” server in the troubled pair after no login response (SSH and console) and failure of the standby to self-promote.

[2010-06-09 13:14:10] Successful promotion of standby to active. POP3/IMAP connections accepted.

Total outage time for hosted mail boxes on this pair was approximately 8 minutes, 6 seconds.