More clear message for rejected forwarded email

When recipient services are guaranteed to reject a forwarded email based on the sender (sender domains that specify "reject" in their DMARC record), we block the sender's email from being forwarded as the only possible impact of sending an email that is guaranteed to be rejected would be negative IP reputation (you wouldn't receive the forwarded email anyway, no benefit, only harm to be done).

Previously we've relied on a default rspamd message "554 5.7.1 Matched map: SENDERFROMBLACKLIST" which was returned to the sender. This message has been adjusted to:

"Your recipient is forwarding email and the domain you are sending from forbids it by DMARC"

DirectAdmin Backups Resolved

Since deployment of the DirectAdmin servers we've been trying to work with a third party plugin that would allow us to perform incremental backups over the S3 protocol to ensure the best performance. While working toward that effort, we opted for rsync with the --delete flag to hold us over. The --delete flag, if you're unfamiliar, simply means that if files are removed on the primary server, rsync would remove them from the backup server as well (ensuring that old and deleted data did not stay in the backups).

As of today we've begun using DirectAdmin's built-in backup system, and while not ideal, will mean that we will more consistently have backups for accidentally deleted data, which is of value. Backups will, for the moment, be consistent and plentiful.

This is not likely the final backup system that we will use on the DA servers, given that full backups eventually cause a heavy hit to system performance as usage on the servers grow. We will continue to work toward the secondary goal of strong incremental backups (which only backup new changes each time).

AutoSSL not renewing custom SSL on cPanel servers

cPanel has acknowledged an issue that needs to be fixed in a future version, that is currently causing AutoSSL to fail to automatically renew custom hostname certificates on cPanel servers (mail.yourdomain.tld, webmail.yourdomain.tld). The temporary workaround for this is to log in to cPanel, click Custom SSL, and click Run AutoSSL.

DA Roundcube Update

DirectAdmin servers have seen an update to Roundcube 1.4. This includes their new beautiful and responsive skin, and marks the removal of the third party skins that played this role in the interim.

London Server Migration

The London server has been migrated from cPanel to DirectAdmin. This aims to correct performance and stability issues over the past months, as well as solve the problems caused by cPanel licensing changes. You need to know some details if you are on this server:

  • The control panel is now at
  • You can find some tutorials here:
  • Email filters are created under Settings in Roundcube.
  • We are working to get Crossbox back online for London, a location where it has previously been unstable.
  • The server is not physically in London, but is close enough to still have very low latency to locals (NL).

London Server Migration

We are attempting to kill two birds with one stone on London and resolve issues caused by performance as well as cPanel licensing. This server is well positioned for a migration to DirectAdmin, and we are working toward that end. It is not yet known if this will will be a flawless transition, and as such we cannot yet be certain that we will carry it through. If it is successful, we will move ahead. If it isn't, we will abandon this plan.

We're expecting only one thing to change, and that to be your control panel login URL. We will email customers on this server to notify them of the change, should this migration be successful.

Outbound Filter Updated Again

In a previous update we added that an invalid MX record would not pass outbound filters. This has been dialed back for certain conditions where rspamd was found to be returning the error for no valid reason.

Outbound Filters Updated

Outbound filters updated to rspamd 2.0. Most significant change made with the update:

If the domain in your From header has no valid MX record, it will not pass through our outbound filters. Many email services already look negatively on this, and won't accept emails under these conditions. As a result, we expect this to impact almost no one.

London Migration - Physical move

The London server will be going down for a physical move on the 27th of July. This will begin at 1700 GMT and is expected to last one hour.

You should not lose any incoming email during this time. It is the default universally agreed upon standard for an email server to retry delivery when it cannot reach the recipient server. There are no services we are aware of that do not operate by this standard.

Banshee Migration - Added Expectations

As the server migration to better hardware progresses, two expectations are being added to the event:

  1. Some new emails temporarily disappearing, then reappearing soon after due to final sync.

  2. Crossbox (m x l o g i n beta email client) will be inaccessible for a brief period during the transition while we disconnect the old slave and reconnect the new.

The migration is proceeding well, but we are unable to give a timeline for expected events given the dynamic nature of the work.