January – 2010 – ExchangeDefender Network Operations

January 28, 2010

ExchangeDefender Outbound Delays

Filed under: ExchangeDefender — travis @ 9:08 pm

Throughout the day the ExchangeDefender outbound grid has been fighting extremely large mail queues and hour-long delivery delays. The source has been identified as a DDoS attack and we’ve taken all measures to remove the mail.

Legitimate mail that hasn’t been delivered will be delivered throughout the next couple of hours.

We highly apologize and we are making modifications to the outbound grid throughout the next limit to prevent flooding.


January 27, 2010

Extended maintenance severity for admin.exchangedefender.com

Filed under: ExchangeDefender — admin @ 1:09 pm

We will be holding an extended maintenance window this weekend affecting admin.exchangedefender.com systems:

Sunday, January 31st, 2010

4 AM – 7 AM EST

During this time window access to admin.exchangedefender.com will be intermittent as we undergo a major networking and hardware update to handle the expansion and additional services.

We will start posting updates to this blog during the 4 AM – 7 AM window.


January 25, 2010

Backup74 Maint

Filed under: Offsite Backups — travis @ 2:33 pm

Our second US OBS server, backup74, will be going offline for the next three hours as we begin to migrate users around different volumes. Service is expected to be restored before 5 PM Eastern.


January 20, 2010

Backup74 Patch

Filed under: Offsite Backups — travis @ 2:34 pm

The Offsite Backup Server, backup74, will be going offline at 3:00 PM Eastern to install hotfixes to OBS. The server is expected to be offline for 30 minutes and service should be restored by 3:30 PM Eastern.

Update 3:01 PM Eastern: Service has been disabled on backup74 as we begin patching.

Update 3:11 PM Eastern: Service has been restored on backup74 and the server is now running version 5.5.5.5-2.


January 18, 2010

DEWEY Reboot

Filed under: Exchange Hosting — travis @ 5:02 pm

At 4:10 PM Eastern we will be rebooting DEWEY for feature enhancements and more analytical monitoring. The reboot is expected to last no longer than 10 minutes and service should be 100% functional by 4:20 PM Eastern.


January 15, 2010

Backup74 Maintenance

Filed under: Offsite Backups — travis @ 11:21 am

We are beginning a maintenance schedule for backup74.ownwebnow.com. During the maintenance schedule, access to backup74.ownwebnow.com will be interrupted; however, service is expected to be restored by 12:00 PM Eastern.

Updated 1:30 PM Eastern: User migration is taking a bit longer than expected. The final user move is in progress and the server should be online before 3pm Eastern.

Updated 2:50 PM Eastern: User migration has completed and service has been restored to backup74.


January 14, 2010

HUEY Reboot

Filed under: Exchange Hosting — travis @ 4:14 pm

We are about to reboot huey.exchangedefender.com due to user accessibility complaints. Service is expected to be fully impacted on HUEY for the 15 minutes while the reboot commences.

Update 3:21 PM Eastern: The server is back online from the reboot and service has been restored.


January 13, 2010

Huey Certificate

Filed under: Exchange Hosting — travis @ 3:28 pm

We are in the process of replacing the certificate for HUEY in our Exchange 2007 cluster. We highly apologize for the inconvenience; however, service should be restored before 3pm Eastern.

Updated 2:42 PM Eastern: The certificate has been successfully replaced on HUEY. Service on HUEY is now 100% operational.


January 11, 2010

Antivirus False Positives & Missing Messages

Filed under: Uncategorized — admin @ 10:56 am

Last week (January 8th and 9th) we received a dozen reports of messages that simply vanished in the ExchangeDefender system. Upon investigation it turned out that one of the antivirus engines was picking up false positives: marking messages with certain PDF attachments as infected when in fact there was no infection there. The actual infection was simply a detection of an exploit, one that can easily and inadvertently be created by older versions of Acrobat.

We have removed the antivirus engine from the rotation (don’t worry, everything is still being scanned by several other scanners). While the problem in the definition files was already addressed (Exploit.PDF-9669) and widely blogged and discussed, we need a way to deal with false positives. Prior to this we have never had an instance of a reported false positive with an antivirus engine but as more antivirus vendors get into the business of not just detecting viruses and worms but also exploits and other dangerous content, our reporting will have to get better as well.

The bigger question here is: Why was I not notified? If this happened here, it would also explain why I never received any of the other messages. Allow me to address that in two ways:

1) Almost all of our “missing messages” tickets are related to the messages being quarantined as SPAM and not coming into LiveArchive. At the present time there is no way to get a SPAM message into LiveArchive, even after it’s released from the Quarantine. Because our replication is done at the scan time, we have to move the copying protocol elsewhere to enable post-release and SPAM content.

Followup question: But Vlad, I need to be able to view my SPAM and respond to it while my server is down!! And you can, right from admin.exchangedefender.com! All of our new enhancements are coming to that portal which is completely partner branded and next month we’ll even have training you can just point your clients to.

2) We have never before seen a false positive from an antivirus engine. We’ve seen it crash, we’ve seen it fail to detect a real infection, we’ve seen it bring the scanning node to a crawl and just about everything you’d expect from a piece of security software: just never a false reading. Consequently, we never wrote a process to monitor for the false positives and we never bothered to present the infection logs because so many contained meaningless junk. Several years ago, after countless alerts for Sober and Nimda and so on, we disabled end user reports for antivirus and it was eventually dropped from the product completely.

At this time, we are sketching a way to put back a configurable alert system for infections should this happen again. We are also creating a system by which you’ll be able (administrators only) to access the infected quarantine items from the web UI.

IMPORTANT: While these infections appeared to be lost forever, we do have them stored on our servers. Reported messages are being released (by hand) by our support teams so if you know the message sender/recipient/subject and date the message was sent, we can retrieve the message and deliver it.

-Vlad

