cancel
Showing results for 
Search instead for 
Did you mean: 

Postini Email Security Trial

Community Veteran
Posts: 26,780
Thanks: 983
Fixes: 10
Registered: ‎10-04-2007

Re: Postini Email Security Trial

@andyrogers
Have you sent yourself test emails? (I've sent some through from Google to check the headers in the last half hour and they arrived in seconds)
Have you sighned up for the Postini trial?
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
LiamM
Grafter
Posts: 5,636
Registered: ‎12-08-2007

Re: Postini Email Security Trial

No change to any of my opted in accounts at PlusNet's nameservers so it doesn't look like they've made any DNS changes yet.
Moderator
Moderator
Posts: 27,914
Thanks: 2,170
Fixes: 232
Registered: ‎14-04-2007

Re: Postini Email Security Trial

Quote
Detailed description of work to be performed:-
We will may be migrating trialists onto an alternative anti-spam platform provided by Postini.

Will we get an update today on the state of play....please Smiley

Customer and Forum Moderator. Windows 10 Firefox 66.0.5 (64-bit)

Mand
Grafter
Posts: 5,560
Thanks: 2
Registered: ‎05-04-2007

Re: Postini Email Security Trial

Hi there,
The changes were completed in the early hours of this morning.
We'll need to wait for DNS changes to propogate, but then you should see the changes.
Moderator
Moderator
Posts: 27,914
Thanks: 2,170
Fixes: 232
Registered: ‎14-04-2007

Re: Postini Email Security Trial

Thanks Mand Smiley

Customer and Forum Moderator. Windows 10 Firefox 66.0.5 (64-bit)

Community Veteran
Posts: 26,780
Thanks: 983
Fixes: 10
Registered: ‎10-04-2007

Re: Postini Email Security Trial

Quote from: Bob
It will take up to 48 hours for DNS to fully propagate but once it has your MX records will look a little like this:
;; ANSWER SECTION:
username.plus.com.    86400  IN      MX      10 mx-postini.core.plus.net.
username.plus.com.    86400  IN      MX      20 mx-postini.last.plus.net.


My username.plus.com records look like that, but what should the MX records for our hosted domains look like? Mine are absolutely nothing like that.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Ianwild
Grafter
Posts: 3,835
Registered: ‎05-04-2007

Re: Postini Email Security Trial

Looking at the records for at least one of your domains, it's still got a timestamp of 2007120301, so it's not reloaded with the new details yet...
Bob might be able to check further, but we said it would take 48 hours for all the changes to take place, and I think until that time has expired you need to exercise a little patience (please!).
Ian
Community Veteran
Posts: 26,780
Thanks: 983
Fixes: 10
Registered: ‎10-04-2007

Re: Postini Email Security Trial

Both of my domains have been updated.
(I assume you were doing the sensible thing and checking on the authoritative servers for the domains (ns1 & ns2.force9.net and not some caching server)
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
bobp
Grafter
Posts: 64
Registered: ‎29-06-2007

Re: Postini Email Security Trial

a quick check of 20 nameservers not in the UK shows that the change has propagated to 8 of them so far.
bobp
Community Veteran
Posts: 26,780
Thanks: 983
Fixes: 10
Registered: ‎10-04-2007

Re: Postini Email Security Trial

I've now received test emails for both domains that have come via Postini so it looks OK now. This is what the entries look like for a hosted domain:
C:\Documents and Settings\John>nslookup -type=mx mydomain.co.uk ns1.force9.net
Server:  ns1.force9.net
Address:  195.166.128.16
mydomain.co.uk    MX preference = 200, mail exchanger = mydomain.co.uk.s5a2.psmtp.com
mydomain.co.uk    MX preference = 300, mail exchanger = mydomain.co.uk.s5b1.psmtp.com
mydomain.co.uk    MX preference = 400, mail exchanger = mydomain.co.uk.s5b2.psmtp.com
mydomain.co.uk    MX preference = 100, mail exchanger = mydomain.co.uk.s5a1.psmtp.com
mydomain.co.uk    nameserver = ns2.force9.net
mydomain.co.uk    nameserver = ns1.force9.net
mydomain.co.uk.s5b2.psmtp.com      internet address = 64.18.4.14
ns1.force9.net  internet address = 195.166.128.16
ns2.force9.net  internet address = 195.166.128.17
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Community Veteran
Posts: 26,780
Thanks: 983
Fixes: 10
Registered: ‎10-04-2007

Re: Postini Email Security Trial

Is the volume of incoming emails at it's typical levels? (i.e. are the spammers still active?)
I usually get a steady stream throughout the day - the only spam I've received since 9am didn't go through Postini (i.e. using the old DNS entries). That is most unusual.
The (very) early signs look highly promising.  Smiley
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Community Gaffer
Community Gaffer
Posts: 13,901
Thanks: 1,423
Fixes: 118
Registered: ‎04-04-2007

Re: Postini Email Security Trial

That looks about right Jelv.
Eager to see how this pans out for those who get lots of spam to their accounts. Even with the Webmail Incident there's only about 12 a day delivered to my PlusNet account so I've not been able to see it first hand (apart from on the internal mail platform which is a slightly different beast).
Just a reminder that at this stage it will only affect volumes reaching your mailbox and not the amount of messages that are tagged/not tagged.
I'll need to check this but I don't think we've blocked the email yet that will be getting sent by spammers directly to the mx.last and mx.core virtual hosts either. This means that some stuff has the potential to bypass Postini. On the internal mail platform we block anything that doesn't come via Postini and this is ultimately what we'll do for customers once we've allowed time for the changes to bed in.
At the moment you may get email that's taken any of the following routes -

  • Sender > Postini > Critical Path > mx.cores > You
  • Sender > mx.last > You
  • Sender > Critical Path > mx.cores > You
  • Sender > Postini > mx.last > You * not very likely this one

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Community Veteran
Posts: 26,780
Thanks: 983
Fixes: 10
Registered: ‎10-04-2007

Re: Postini Email Security Trial

As there are no references to mx.core and mx.last in the new DNS entries isn't the only way we could get email direct to those is if they are using cached old DNS entries? If that is the case surely after a few days those should virtually disappear so I'm puzzled as to why they may need to be blocked.
I don't usually get a lot - but enough to notice the difference (around 10 an hour) - they have stopped totally. But I haven't received anything tagged via Postini (by Postini in the headers or by DSPAM) - but then most of what I was receiving was such obvious junk I have no qualms about Postini totally binning it.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Community Veteran
Posts: 26,780
Thanks: 983
Fixes: 10
Registered: ‎10-04-2007

Re: Postini Email Security Trial

Would errors I've suddenly started getting on a Perl sendmail based script on ccgi be anything to do with these changes?
Content-Type: text/html; charset=iso-8859-1
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <title>Error</title>
</head>
<body>
  <h1>Application Error</h1>
  <p>
  An error has occurred in the program
  </p>
  <p>
  close sendmail pipe failed, mailprog&#61;&#91;/usr/sbin/sendmail -oi -t&#93; at
&#40;eval 8&#41; line 108.
  </p>
</body>
</html>

It's from the membership form on my .org.uk domain.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Community Gaffer
Community Gaffer
Posts: 13,901
Thanks: 1,423
Fixes: 118
Registered: ‎04-04-2007

Re: Postini Email Security Trial

Quote from: jelv
Would errors I've suddenly started getting on a Perl sendmail based script on ccgi be anything to do with these changes?

If the from address is your domain then I guess this is possible. I'd need to chase it up.
Quote
As there are no references to mx.core and mx.last in the new DNS entries isn't the only way we could get email direct to those is if they are using cached old DNS entries? If that is the case surely after a few days those should virtually disappear so I'm puzzled as to why they may need to be blocked.

You'd be surprised jelv, trust me. I have a domain that hasn't used Plusnet's mail exchangers for well over half a year and spammers still send email destined for my domain to our mx.last and mx.core servers. This was certainly an eye opener for me when I realised it was happening as I originally thought along the same lines as you.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵