NOTICE TIME ZONE Brisbane GMT+10
STATUS (Open/Closed) Open
INCIDENT START DATE 2020929
INCIDENT START TIME (HH:MM) Approx: 08:15
ESTIMATED TIME TO RESOLUTION N/A
INCIDENT END DATE ?
INCIDENT END TIME (HH:MM) ?
OUTAGE DURATION ?
INCIDENT CAUSED BY A 3RD PARTY? No
IF YES, NAME OF 3RD PARTY
XCRM TICKET NUMBER N/A
BRAND XNET
INTERNAL PRIORITY N/A
CUSTOMERS AFFECTED ALL
SITES AFFECTED ALL
DESCRIPTION OF INCIDENT Some users receiving notifications informing them of delays sending to domains such as hotmail.com, outlook.com and live.com due to mail.voipstra.com.au being on email blacklists
PRIMARY IMPACT EFFECT Users may have delays sending emails
SECONDARY IMPACT EFFECT None
EVENT TIMELINE
TUESDAY 29TH SEPTEMBER 2020
08:15 XSTRA identified a large backlog of emails on mail server
08:30 XSTRA confirmed mail.voipstra.com.au was blacklisted
08:41 XSTRA identified cause of blacklisting due to large quantity of spam emails being relayed through server
09:00 XSTRA identified source of relay and immediately blocked all connectivity to the mail server from that network
09:03 XSTRA commenced clearing backlog of spam emails
09:45 XSTRA submitted request to be delisted from the blacklists
10:15 XSTRA forced email to route via alternative IP address temporarily to ensure delayed email still transmitted
RECOVERY & RESOLUTION
Removed spam server’s ability to relay through the mail server and additionally blocked at the router level. Cleared all remaining spam email from queue and submitted requests to be delisted
ROOT CAUSE
A subnet mask that is reserved for private ip addresses was declared too large allowing public addresses to use the mail server as a relay
CORRECTIVE & PREVENTATIVE MEASURES
Confirm all IP addresses in the list are only private subnets and\or customer specific ip addresses
RESIDUAL EFFECT
Some email may be required to be resent if it exceeds the 2 day delay window
Last modified: Sep 29, 2020

Feedback

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Please do not use this for support questions.
https://x.direct/1/en/topic/welcome

Post Comment