One of our mail servers, smtp.forest.net, was tagged as a spam source yesterday when a spammer abused a latent mail form on a website inside our network. Here are the steps we've taken and will continue to take to resolve the issue as soon as possible:

* We've removed the web-to-mail form that was targeted.
* We've dumped the offending messages from the outgoing SMTP queues.
* We've re-routed outbound mail via another SMTP relay host for the time being.
* We're doing our best to get our server removed from the various blacklists.

This serves as a timely reminder to everyone that manages a website to have a look through all your code and make sure that all your forms are validated and protected. You can read more about that here. Even pages that have no active links to them are vulnerable! So clear out the deadwood folks, because with Google and other search robots, no HTML stone is left unturned these days. The form that was abused recently was a "dead link" that had not been active since 2002 or so, but was still there. Perhaps it is time for a little "spring cleaning" for webmasters.

Regards,
Chuck Goolsbee
VP, Tech Ops,
digital.forest

It's that time of the month folks. Patch Tuesday has come again and we will be patching all of our Windows Shared Hosting servers this afternoon. We expect no more than 5 minutes downtime per server.

Today we will be patching our Windows Hosting servers with Microsoft Update MS-017 (Vulnerabilities in GDI Could Allow Remote Code Execution (925902)). This patch was released 1 week prior to the regularly scheduled monthly update due to the number of exploits that occurred over the past weekend. It is highly recommended that all affected servers be patched ASAP.

This patch will require a reboot of the updated servers. We expect no more than 5 minutes downtime per server.

For further information and details about affected versions of Windows please use the following link
http://www.microsoft.com/technet/security/bulletin/ms07-017.mspx

Update 4/2 12:21PM
We have successfully petitioned Comcast to take our mailserver off of their block list. If you're still having issues sending to Comcast, feel free to submit a trouble ticket or contact support toll-free at (877) 720-0483

A number of clients have contacted us regarding failed mail deliveries to Comcast accounts. If you're having trouble sending to Comcast, and you get a message that looks like this:

Failed to deliver to 'xxxxxxx@comcast.net'
SMTP module(domain comcast.net) reports:
return-path address 550 216.168.37.34 blocked by ldap:ou=rblmx,dc=comcast,dc=net -> BL003 Blocked for spam. Please see http://www.comcast.net/help/faq/index.jsp?faq=SecurityMail_

be advised that we are aware of the issue, and are currently attempting to work with Comcast to resolve it as quickly as possible.

Updates will be posted to this page.