The portal forum is moving out

The current forum, a vBulletin license is about to get obsolete. We started this forum for several years ago. In facto, the forum has been kept alive approximately since tornevall.net was registered as a domain in may 2000. The most active period of the forum has been registered between that date and 2007. When people got aware of Facebook a few years later (around 2007) the big masses jumped on that train which made many of the smaller actors out of job. And users. This also hit Tornevall Networks old forum variant, that hardly follows the technical development anymore. So it’s time to rethink how it’s done further on.

I think the worst hit came when Jelsoft changed crew and tried to rebuild the platform to match social medias. This failed, and the prior “customer stock” became very disappointed with how things happened.

This is why the portal and forum itself will move out from the primary domain. It will not be removed, just archived somewhere else, leaving new fresh space for better ideas.

The archive will be created at https://archive.tornevall.net.

Opening up for tunnels

As Tornevall Networks isn’t considered “operations safe” (by means, Tornevall Networks can never guarantee your uptime). However, since there are plenty of tunneling options it is possible to actually apply to smaller networks (depending on the network size). There are also virtualizations availabel, but the IPv4 networks are much more limited so we usually don’t create virtual environments (besides there’s neither automation nor billing systems available, since there’s no company in bottom of this service).

Most of the network ranges allows open SMTP since many services has those sections closed. Mostly because of abuse actually; so Tornevall Networks services for SMTP is regular which means bulk or spamservices are not allowed. Detected abuse will have your service shutdown instantly.

For more information about the tunneling options, take a look at https://docs.tornevall.net/x/EYCD

Sorry, we went offline!

During the yesterday evening, a server silently rebooted and ran into a corrupted InnoDB database. This was discovered today (https://status.tornevall.net is updated) and the database server was completely restored around 15:00-16:00 CET. Bitbucket, Confluence and JIRA was unaffected by the disruption.

Spamfilter effectiveness in all mailboxes doubled

As of summer 2019 the email-server upgrade is going to be final. During a few weeks the support for virtual domains is in place, DKIM and DMARC is new features and together with SpamAssassin upgrades and the restoring of DNSBL with FraudBL spam filtering should now hopefully be quite effective. Besides of this, there’s a global whitelist installed, which means that some domains that are considered important will be able to duck spam triggering. Users has also, via TorneAUTH the ability to whitelist senders themselves.

The last big change being done this far is the trigger on the spam itself. Historically, spam has been kept intact with a tagged Subject straight into the inbox of the mail account. By means, for each new spammail the messages has been staying put and disturbed the normal mailflow. The last change done, moves all mail flagged with spam to a new Spam-folder, which is automatically created if it does not exist. If you miss any mail – check there.

The final step now is to make all this configurable too. I’m aware that the Spambox may get filled if noone ever checks that mailbox out. What’s up next, is something that cleans up that folder periodically if noone else does it, so we can keep down the mailbox size more effective.

DNSBL for WordPress 2.0.8 changelog

This release of the DNSBL for WordPress is a half-minor update. In a few days back in time a raised act against our contact forms has been observed. ContactForm7 is used on most of the tornevall.net-sites, so it has become frustrating when spam passes through the forms without the ability to instantly blacklist the posts (except for moments when akismet for example helps with the job). So I’ve just added support for WPCF7 into the plugin.

By means, if anything bad arrives via the mail, that has been posted via the contact form there’s just a few seconds between me and a complete blacklist of the sender. In this particular case I’m activating flag 16 (IP_MAILSERVER_SPAM) in the detection configuration and for v2.0.8 a new setting under “Protective options”, called “Turn on support for WPCF7”.

The issue tracker has this case added at https://tracker.tornevall.net/browse/DNSBLWP-63 and has been tested with WPCF7 5.1.4 this far.

opm.tornevall.org is still going strong

dnsbl.tornevall.org has been the primary subname for blacklists several years now. However, it still seems that our 13 year old subname opm.tornevall.org is still going strong. The new DNSBL wasn’t supposed to support that part, however since there’s still quite a lot of resolvers running this check it has been reinstated in the API. The DNSBL has only been running a few days so the loss is probably not even notable, but if there’s time for it there might be built a blacklist validator, to see how many hosts missing this opm-part.

DNSBL 5.0.5 – Introducing advanced whitelisting

In DNBL v5.0.5 (API release) an advanced whitelisting system is introduced. At first, this whitelist system was implemented in a leaf-application (the honeypot system) but since it’s better to implement it directly at the blacklist entry, this has been done instead.

For example, if we’d like to whitelist Telia mailservers in the DNSBL, we could simply add their SPF inclusions in the system. By adding _spf-a.telia.net, _spf-b.telia.net, etc the DNSBL will check each added ip address if it matches against either a IPv4/IPv6 address that belongs to the SPF pointer or if it is located within a CIDR-based range in the pointers. So if we whitelist _spf-a.telia.net and a blacklist request contains an address in the range of 81.236.57.10/32, that address will be considered whitelisted and throw an exception.

In the primary whitelist the only SPF-exceptions is _spf.tornevall.net and _spf.tornevall.se. Other addresses that also will be whitelisted is the following (that will prevent internal server blacklistings):

127.0.0.0/8
172.16.0.0/12
10.0.0.0/8
192.168.0.0/16

Important patch for DNSBL

The prior weekend our mail server was moved to a completely new place, so we also decided to shut down the old mailserver.

However, the old server contained important files that handled the blacklist functions (methods that automatically updates and changes the zone data in the zone tornevall.org). As this service has been shut down, an update for the DNSBL API has been deployed since we have been unable to rewrite zone data since then.

This also means that all removals from the removal interface should be instant if everything goes as planned (tests has been successful) – and not hourly.

Just remember that even if removals are instant, your blacklisted IP may still be present in caches around the workd, and won’t be updated instantly.

 

Reshaping the community portal.

I know! It may be a bit excessive to both run a WordPress-info-portal AND a community forum-portal in the same time, as WordPress have quite ok tools for running forum-ish stuff from there. However, I’m not entirely pleased with that, especially since I like the old community-threaded non-Facebook-forum form. vBulletin 5 left this concept for a few years ago, but it really is possible to reorganize things and make them work quite well. And this is what I’ve done the last day.

Once upon a time, there was “Tornis”. It was a realityshow based forum that had Big Brother Sweden as the primary target. However, when Facebook took control over forums with the group-concept many forums went into a graveyard of dead forums. Some of “us” (me) still appreciate the simple overview of threads instead of the compact Facebook view where everything is mixed up in 2 sublevels of comments and all text exposed in the same place. So the decision to reorganize this place have been there for several years. I still feel there might needs of some other kind of privacy than Facebook monitoring all your information. Besides, you still can be reported for practically nothing and get banned.

The purpose over time has therefore changed. There are ongoing projects that has been planned to be placed in this forum. The first problem to fight was to clean up the forum without being forced to delete everything. This is now finished. There is a Facebook-group mirrored to this portal (Making internet a better place), where I was supposed to support and update information about the API that should have been making internet a better place. This project has been delayed for a long time now, but since the reorganization FINALLY have taken place, the future might be a bit more brighter. However, there’s a few things left to do before we can go all in on it…

https://www.tornevall.net/portal/articles/1062744-reshaping-the-community-portal