Feeds

Domain name gaffe launches Clearswift clients into e-mail panic

Mission critical app in critical condition

Choosing a cloud hosting partner with confidence

A domain name snafu at Clearswift, a company that filters email and web pages for objectionable content, wreaked havoc on some of its business customers when admins awoke to find their organizations were unable to send or receive email.

The outage was caused when mimesweeper.biz, the domain where customers' email is routed before being filtered, went off line. It wasn't immediately clear what caused the domain name to crash, but this whois record shows it expired on Dec. 13, suggesting someone forgot to renew its registration. Naughty, naughty.

Alyn Hockey, Clearswift's director of product management, said he was unsure what caused the domain name to fail, but acknowledged the theory about the lapsed registration may be correct.

"Obviously, there will be some work after the fact to make sure it doesn't happen again," he said.

Reports of the problem began trickling in early Wednesday morning in the UK. By evening, he said, support staff had devised a work-around that involved customers putting additional addresses into their email servers' configuration files. If for some reason the first server fails, Hockey said, the change would cause email to be routed to a second or third address rather than bouncing.

Not all customers seem to be aware of solution, and that, they said, is creating big problems. Mike, an admin for a local governmental agency in the UK, is one of the plagued.

"No email has been received since last night, and most of the outbound email has stopped or been bounced under 550," he told El Reg, referring to the numeric error code that frequently indicates a faulty DNS setting. "Basically we will be pursuing serious damages for breach of contract and direct business disruption. At the current time all we have is phone calls as there is no working email."

Clearswift has about 17,000 business customers, and filters content for about 25 million end users. Hockey said only a small proportion of them - perhaps 5 per cent - were affected by the outage.

Out of all the blunders an IT organization can make, forgetting to renew a domain-name registration seems to be among the more common. Last week, Perl.com was caught redirecting users to a porn link farm after ownership of a domain name that was embedded into the site changed hands. And in 2003 someone at Microsoft failed to renew the registration for hotmail.co.uk, an oversight that allowed a Linux hacker to scoop it up.

Here's hoping the cock-ups serve as cautionary tales for all admins that in addition to firewalls, content filtering systems and intrusion detection systems, security also includes more mundane details like renewing domain names. Lose control of them, and you can kiss your security good-bye. ®

Intelligent flash storage arrays

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Managing SSL certificates with ease
The lack of operational efficiencies and compliance pitfalls associated with poor SSL certificate management, and how the right SSL certificate management tool can help.