E-mail/telephone issues

Due to a network connectivity issue at our Nevada City office, as of 11 AM Tuesday, Sept. 20, we are currently experiencing problems with inbound email for all Spiral customers.  Incoming messages are unable to reach our Barracuda spam filtering system, and therefore are not being delivered to customer mailboxes.

E-mail networks are designed to retry messages which failed to send, so at the time connectivity is restored, most or all of those backlogged messages should be retried and correctly delivered. Some messages (such as password reset emails) should be retried/resent when service is restored.

The network issue is also interfering with our ability to answer phone calls to our (530) 478-9822 office number.  Our voicemail system is working and we will respond to messages as soon as possible.

Our upstream provider has noted this as part of a regional outage and given us an ETA of 5 PM for repair.

Update, 1:30 PM:  The network is currently up and e-mail messages are passing through, but as we have already seen service return and then drop out again, we should still be presumed to be under potential outage conditions.

Update, 3:30 PM: As the network has been stable for several hours, we are returning to presumptively normal operation.

Posted in Unplanned Outages | Comments Off on E-mail/telephone issues

Outbound mail delays/rejections

Early on Tuesday, Sept. 5, a compromised website on our shared hosting server began sending out high levels of spam which caused that server to be temporarily listed on e-mail spam blacklists.  The compromised website has been re-secured and we are in the process of removing the server from the blacklists.  In the meantime, outbound mail may be disrupted for customers with SierraEmail.com, SpiralEmail.com, or custom domain e-mails.

Symptoms include messages not arriving at their destination (due to being queued for later sending after the blacklisting resolves), or sent mail being returned with an error stating that the message could not be delivered.

We anticipate full service being restored by the morning of Wednesday, Sept. 6.  In the meantime, failed e-mails can be resent from alternate addresses.

Our apologies for the inconvenience.  If you have further concerns, please give us a call at (530) 478-9822, Ext. 1 for customer support.

Edit, 1:00 PM Sept. 6: The Spamhaus/CBL blacklisting which caused the most problems has been removed, which should address most spam-blocks by the end of the day.

Posted in Unplanned Outages | Comments Off on Outbound mail delays/rejections

Inbound email delivery issues (resolved)

As of early this morning, Aug. 23, many Spiral customers are either not receiving inbound e-mails or else receiving them after lengthy delays (over an hour).

This issue has been traced to our Barracuda spam filtering server.  It is correctly accepting inbound e-mail, but messages are remaining in the spam filtering queue rather than being passed through to their destination.  As of 10 a.m., this has been confirmed as a known issue with Barracuda and we have an open support ticket to resolve the issue.  We do not yet have an ETA for repair.

All inbound e-mail messages are being preserved — they are currently queued up on the Barracuda server, and will be delivered as normal after the spam filtering issues are addressed.

Our apologies for the e-mail delays. If you have any concerns, you can call our office at (530) 478-9822, Ext. 1 for customer support.

Edit: As of 12:30 p.m. Barracuda has cleared the issue and all backlogged e-mail has been delivered.

Posted in Unplanned Outages | Comments Off on Inbound email delivery issues (resolved)

Inbound email delays (resolved)

At approximately 9 a.m. today (May 3), some network issues at our Nevada City location caused our Barracuda e-mail filter to stop responding to inbound message delivery attempts.  This meant that outside messages for Spiral customers were queued for later delivery rather than getting through right away.

The network issue was resolved around noon, at which point there was a large backlog of undelivered mail.  The backlog took about an hour and a half to be processed.  At this point, all undelivered messages from earlier today should have been passed through to Spiral mailboxes correctly.

If you are still having issues with inbound mail not having shown up today, give our office a call at (530) 478-9822, Ext. 1 for customer support.

Posted in Unplanned Outages | Comments Off on Inbound email delays (resolved)

AT&T strike will complicate DSL repairs

According to several media sources, 17,000 AT&T workers have walked off the job today to protest issues affecting technicians — including outsourcing, and being forced to do work outside their area of expertise.

We have confirmed this with AT&T directly, as they are now telling us that “maintenance ETRs have been delayed indefinitely” for newly reported DSL problems.  (Unfortunately, we also cannot guarantee whether or not AT&T will honor commitments for previously scheduled DSL repairs.)

The AT&T strike affects Spiral customers because our DSL service runs on the landline telephone infrastructure owned by AT&T.  When line-quality issues are reported to us, they must be referred to the phone company, who dispatches their own technicians.

The strike follows on the heels of complaints from elected officials statewide that AT&T is abandoning their landline phone network and skimping on maintenance.  California Public Utilities Commission data shows that every month for the past three years, AT&T has failed to meet state telephone quality standards — while 90% of reported outages are supposed to be repaired within 24 hours, AT&T only meets that 24-hour goal about half of the time.  (In Q4 2016, their average was 54%.)

This is one of the many reasons that we are moving forward with our fiber-optic network — where we will own the infrastructure ourselves, and be able to take accountability for its repair and maintenance, rather than relying on a bureaucracy that doesn’t care about the challenges of rural broadband access.  “Zone A” of our network has already received $16 million in grant funding from the CPUC, and we are taking preorders within that zone as we finalize our environmental impact reports and prepare to break ground.  (If you’re outside the zone, go take the survey to let us know where fiber is needed and wanted.)

In the meantime, we will provide the best service that we can to our DSL customers, given the limitations of degrading and unrepaired infrastructure.

Posted in Tips and Announcements | Comments Off on AT&T strike will complicate DSL repairs

Dial-up access issues (resolved)

We are currently investigating an apparent outage with our upstream provider of dial-up services.  Reported symptoms include getting busy signals when calling in to the phone numbers in our dial-up access pool.

Please be patient as we isolate and address the issue.  As of 4 p.m. we do not yet have an ETR.  We will report updates here.

Update, 3/3: Network issues at our upstream provider were addressed last night and tests this morning show connectivity has been restored.

Posted in Unplanned Outages | Comments Off on Dial-up access issues (resolved)

Password compromise on shared hosting server

E-mail, client and FTP passwords on our shared hosting server have been reset due to a suspected compromise of some hosting customers’ account information.

There was another attack this week on our shared web hosting server (see also previous), injecting malicious code into a Spiral-hosted website. This week’s breach, however, was definitively traced to an unauthorized FTP connection using the account owner’s credentials.  Forensic re-review of several of the previous break-ins suggests that that method was employed for previous weeks’ website alterations, and the data available strongly suggests that multiple user passwords have been compromised.

Further review revealed that every single site affected by the recent breaches is one that had been transitioned from our secondary hosting server onto our primary server in mid-2016 when we closed the secondary server down.  The odds of that happening by chance if the breach had occurred on the current server are extremely low.  Additionally, the secondary server had far weaker security than the existing setup (a major reason for the migration).  Both of these facts point to this breach having occurred before the server transition, and old passwords from that breach being withheld for later use.

However, out of an abundance of caution we have reset ALL passwords on the current shared hosting server.

The hosting servers do NOT contain any customer financial or personal information — the only data exposed in a potential breach would be usernames, passwords, website contents and e-mail mailboxes.  However, any sensitive or personal information sent via email to accounts on that server may likewise have been compromised.

If passwords used on that server were reused elsewhere, we advise changing those as well.

Who is not affected

Customers using Spiral for internet access via DSL or dial-up are NOT affected.  Customers pre-registered for our fiber optic project are NOT affected.  Customers with NCCN.net e-mail addresses are NOT affected.

Who is affected

Spiral’s web hosting and custom-domain e-mail hosting customers have data on the server where we performed the password reset.  However, not all of those accounts are suspected to have been breached.

Approximately half of Spiral’s web hosting were formerly located on the secondary server where the data breach is suspected.  If you have a website hosted by Spiral, call our office at (530) 478-9822 and we can review our records and tell you whether you may have been affected.

Customers with spiralEmail.com e-mail addresses, and sierraEmail.com e-mail addresses, have mailboxes on the server where we performed the password reset.  However, those accounts were NOT ever located on the secondary hosting server believed to be compromised; at this time we have no evidence of a data breach on those accounts.

If you have concerns about your data security, or need to speak with us about your passwords, please call our office at (530) 478-9822, Ext. 1 for customer support.

Posted in Unplanned Outages | Comments Off on Password compromise on shared hosting server

DSL outage (cleared 1/31)

As of approximately 1:00 PM Tuesday, January 31, multiple and widespread reports of DSL problems have started coming in. We are investigating this as an area outage and are currently assessing the extent of the problem.

Both Grass Valley and Nevada City DSL customers are known to be affected, with reports suggesting that the outage extends beyond Nevada County. The symptoms of the outage appear to be:

• All lights on the modem indicate a normal connection to the outside world, but no IP layer traffic is getting through.
• Power-cycling your DSL equipment (turning it off and on) does not restore service.

We will update this post as we learn more.

Edit, 1:40 pm: The source of the problem appears to be a major Denial of Service attack against our upstream provider sonic.net.  We are coordinating with them on a response.

Edit: 2:30 pm: An ETA is not yet known.

Edit, 3:45 pm: Our upstream provider is saying that service has been restored, and we are working to verify that across our customer base.

Edit, 4:25 pm: Normal serviceability appears restored.  If your service continues to have problems, please call our office at (530) 478-9822, Ext. 1 for customer support.

Posted in Unplanned Outages | Comments Off on DSL outage (cleared 1/31)

Multiple website compromises / e-mail delivery issues: WordPress attack

In an issue very similar to last week’s outage, our shared hosting server was hit by a compromise which caused high volumes of malicious e-mail messages to be sent out.  Unfortunately, this time multiple customer websites were confirmed as simultaneously compromised.  All of them were using the WordPress content management system (last week’s victim was not), and may have been attacked through the same scripting vulnerability.

As such, we have audited every WordPress-based site on the server, finding a total of seven sites with malicious code additions.  Those websites have been temporarily suspended while we work with their owners to re-secure the sites and remove the malicious code.  We will additionally be contacting every single customer running a WordPress-based site to make certain that all installations have had the most recent security patches applied.

One of the effects of the attack is that large volumes of spam were once again sent out from our shared hosting server, causing it to be placed on e-mail blacklists and watchlists.  Outbound messages are correctly passing through our server, but the reputation issues are causing them to be rejected at the recipient’s end.  This affects customers with e-mail addresses at spiralEmail.com, sierraEmail.com and custom hosted domains.  We have requested removal from every blacklist which allows manual delistings, but restoration of full email delivery may require 24 hours or more for automated listings to expire.

Posted in Unplanned Outages | Comments Off on Multiple website compromises / e-mail delivery issues: WordPress attack

E-mail/webmail login outage for nccn.net customers (resolved)

A problem with the physical hardware running our cloud database server caused user data for nccn.net accounts to be briefly unavailable on Thursday evening, January 19.  This meant that users were unable to log in to their e-mail, either directly via our mail servers or via SquirrelMail at webmail.nccn.net.

(No e-mail was lost, and e-mail delivery continued uninterrupted: only sign-ins were affected.)

Our cloud provider has notified us that the affected server has been migrated to new hardware, and we have verified data integrity and restored e-mail access.  If you are still having problems, please call our office at (530) 478-9822 and we can give you individual support.

Posted in Unplanned Outages | Comments Off on E-mail/webmail login outage for nccn.net customers (resolved)