Mon Mar 18 17:42:18 PST 2002 — We have added support for SPOP (aka TLS or POP3s) to our POP3 servers. SPOP encrypts the connection between your email client and the server with the same kind of encryption used more commonly to secure websites. This enables users to securely connect to our POP servers from insecure networks without fear of their password being transmitted in clear text along the wire. SPOP is supported by the majority of popular email clients. We do not recommend that users who are directly connected to our network use SPOP; The overhead of encrypting the traffic causes unnecessary load on both our servers and your client computer. NOTICE: At this time users requiring POP B4 SMTP authentication to relay mail through our servers from off of our network should not use SPOP and should continue to use POP until further notice. We expect to enable the use of SPOP for relay authentication shortly. -Kelsey and Nathan

Mon Mar 18 17:39:36 PST 2002 — Last Friday, March 15th, we added an additional PM3 to our San Francisco POP and brought another PRI online. This upgrade should resolve any capacity problems with our XXX-9606 numbers served by the San Francisco pop. -Russ

Thu Mar 14 20:13:35 PST 2002 — Covad reports: Some services out of Santa Rosa, CA (SNRSCA01-SL1) CO are down. Covad tx tech dispatched. If you have a Covad circuit with Sonic.net that is affected by this, please let us know and we’ll keep on top of the repair. -Dane

Thu Mar 14 19:37:12 PST 2002 — We’ve found and fixed incorrect permissions settings on a large number of user’s FTP incoming directories. Setting permissions of read/write/execute on these directories allows pirates to dump stolen software into the directory to be downloaded by others, and is generally a bad thing.

Please set permissions for incoming directories to write/execute only for group and other, eg drwx-wx-wx, or mode 0733. This allows people to upload into the directory so that they can submit files to you, but not to list the contents or download from the directory. 130 directory permissions were fixed. -Dane

Wed Mar 13 11:17:32 PST 2002 — Emergency maintenance on our 707-522-1002 dialup pool today by PacBell. This was scheduled to be done tonight but PacBell has informed me that they need to do it this afternoon. If you normally dial our 1002 dialup pool, this will cause a 15 to 20 minute outage at 1:00pm today. The 1002 pool should be back up by 1:20pm We apologize for the short notice on this. Thank you. -Steve

Wed Mar 13 16:43:28 PST 2002 — We just completed deploying a new Linux kernel on all of our mail servers. The new kernel fixes a small build error that was preventing all of the RAM on our servers with 1GB of RAM and more from being fully utilized.

This morning we also corrected another small build error with our name servers that prevented Bind 9.2.0 from properly multi-threading. The new properly threaded build isn’t faster than the single-threaded build but better utilizes both CPUs in each server, as well as maintaining responsiveness during cache and zone maintenance. -Kelsey and Nathan

Tue Mar 12 12:53:43 PST 2002 — We have corrected a small bug in our POP-B4-SMTP authentication system that caused occasional failures for mailbox customers sending mail through our SMTP servers from off-site. -Russ and Nathan

Tue Mar 12 11:34:14 PST 2002 — Sundry Upgrades: We have been working hard on a series of key upgrades to improve the performance of our network and servers over the past few months. Due to our use of server load balancing, none of these upgrades caused any interruption of services to our customers.

We are in the process of replacing our slower mail servers with dual 1Ghz PIII’s and have already replaced two of the six, and have plans to upgrade two more shortly. The new servers are many times faster than the old ones, and can handle more intensive and intelligent spam and anti-virus filtering as well as providing better responsiveness to our customers while sending and receiving mail.

We have replaced marine.sonic.net, our old out-bound qmail server, with a group of faster load balanced qmail servers. This upgrade increases the speed at which we can deliver mail destined for other networks and gives us redundancy where we used to have a single point of failure.

We are in the process of adding SPOP (or POP3S) support to our POP3 server. This protocol encrypts POP3 traffic with the same type of key used to secure SSL/HTTPS web sites and allows for users to securely connect to our POP3 server from insecure networks. SPOP is supported by most of the common mail clients for Windows, Mac and Unix. Clients which do not support SPOP directly can use a helper application to connect via SPOP.

We also upgraded our three main DNS servers. First we upgraded their hardware so they are now all dual PIII’s with 1GB of RAM and then recently upgraded the name server software – Bind – to version 9.2.0. Our name servers are blazingly fast now and Bind 9.2.0 is proving to be less problematic for us than Bind 9.1.3. -Kelsey and Nathan

Mon Mar 11 14:15:48 PST 2002 — Server pool upgraded to use SYN cookies. Both our mail servers and web servers have been upgraded to resist a kind of attack called “SYN floods.” This is an attack where the attacker tries to open hundreds, if not thousands, of connections to our servers, which can result in denial of service. Following some anti-spam actions, we have seen an increase in these types of attacks on our web servers — apparently, we’ve ticked off some spammers who are now trying to “make us pay.” They will not succeed. -Kelsey, Nathan, and Scott

Fri Mar 8 14:59:37 PST 2002 — We found a routing error which affected the 522-1001 modem pool. The error was corrected and all is working well now. Thanks -Steve