IMPORTANT: PLEASE READ NOW! Email security and blacklists

 

The recently discovered server software bug that affected so many servers around the world seems to be the cause of a massive surge in server attacks. The types of attacks we’re seeing at the moment include:

  • Brute force attempts to gain access to customers email boxes

  • Brute force attempts to gain access to customers website administration areas (such as WordPress, Joomla and Magento)

  • Brute force attempts to gain access to customers website forums and website members areas

  • Direct access using discovered usernames and passwords for the above

Headforwards servers were not susceptible to the vulnerability, but that hasn’t stopped 100,000+ attacks a day trying to compromise our server, your website and your email accounts. For the most part these attacks have been unsuccessful, but there have been a small handful of occasions where the attacks have been successful.

Within the last two weeks all of our servers have been used to send spam from compromised email accounts. The access has been via legitimate email accounts with correct passwords.
 

Although we cannot prove the source of the password, it is believed that it is most probably due to data gained from other compromised servers e.g. social media sites, or possibly malware/virus software on their local systems (e.g. their computer or mobile device).

We require all hosting (email, web or both) customers of Headforwards, to ensure their email/account passwords meet the following criteria:

  • The password must be unique and not used on ANY other website.

  • Minimum password length of 12 characters including numbers, symbols, upper and lowercase characters.

  • Avoid passwords based on repetition, dictionary words, letter or number sequences, usernames, relative or pet names, romantic links (current or past), or biographical information (e.g., ID numbers, ancestors' names or dates).

To make this simple, you could use an online strong password generator such as the ‘Strong Password Generator.

The impact from abuse of an email account, on our servers and staff is significant in terms of time and cost. It also affects all of our customers as the servers are being listed on email blacklists.

These blacklists are self appointed “email police” that many ISP's monitor for IP addresses of servers, such as ours, that have sent out spam emails. Getting removed from these blacklists in a short amount of time is difficult or impossible and we have no control over them

If someone's account on the server your shared hosting is on, has been compromised, then you may have problems getting some emails through to recipients who's ISP’s use the blacklists our servers could be listed on.

We are doing everything possible to keep the servers and email accounts secure. Despite this extra systems administration costing us thousands of pounds through no fault of our own, these costs are not being passed on to those who have been compromised.

We cannot protect against a hacker logging in with your correct user and password, so it is important you update it and protect it wherever possible.

If email is critical to your business, the best option is to opt for hosting with a dedicated IP address as this will avoid blacklisting unless spam is sent via one of your own accounts. Please contact us for further details on hosting options.

Article Details

Article ID:
21
Category:
Rating :

Related articles