Feeds

Domain name gaffe launches Clearswift clients into e-mail panic

Mission critical app in critical condition

Protecting against web application threats using SSL

A domain name snafu at Clearswift, a company that filters email and web pages for objectionable content, wreaked havoc on some of its business customers when admins awoke to find their organizations were unable to send or receive email.

The outage was caused when mimesweeper.biz, the domain where customers' email is routed before being filtered, went off line. It wasn't immediately clear what caused the domain name to crash, but this whois record shows it expired on Dec. 13, suggesting someone forgot to renew its registration. Naughty, naughty.

Alyn Hockey, Clearswift's director of product management, said he was unsure what caused the domain name to fail, but acknowledged the theory about the lapsed registration may be correct.

"Obviously, there will be some work after the fact to make sure it doesn't happen again," he said.

Reports of the problem began trickling in early Wednesday morning in the UK. By evening, he said, support staff had devised a work-around that involved customers putting additional addresses into their email servers' configuration files. If for some reason the first server fails, Hockey said, the change would cause email to be routed to a second or third address rather than bouncing.

Not all customers seem to be aware of solution, and that, they said, is creating big problems. Mike, an admin for a local governmental agency in the UK, is one of the plagued.

"No email has been received since last night, and most of the outbound email has stopped or been bounced under 550," he told El Reg, referring to the numeric error code that frequently indicates a faulty DNS setting. "Basically we will be pursuing serious damages for breach of contract and direct business disruption. At the current time all we have is phone calls as there is no working email."

Clearswift has about 17,000 business customers, and filters content for about 25 million end users. Hockey said only a small proportion of them - perhaps 5 per cent - were affected by the outage.

Out of all the blunders an IT organization can make, forgetting to renew a domain-name registration seems to be among the more common. Last week, Perl.com was caught redirecting users to a porn link farm after ownership of a domain name that was embedded into the site changed hands. And in 2003 someone at Microsoft failed to renew the registration for hotmail.co.uk, an oversight that allowed a Linux hacker to scoop it up.

Here's hoping the cock-ups serve as cautionary tales for all admins that in addition to firewalls, content filtering systems and intrusion detection systems, security also includes more mundane details like renewing domain names. Lose control of them, and you can kiss your security good-bye. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.