Messages

I'm sorry, but I'm not keen on hosting an ssh-based game, due to the security implications. I mean, it sounds like a cool project and all, but SSH here is tightly locked down, and accounts are tied directly to system accounts, with no provision for "anonymous" extra users or anything. There have been too many hacking attempts in years past for me to lower those restrictions.

What I would suggest you look at is the $5/month (shared-cpu) plan at Linode. Xepher.net itself is hosted there (on a larger, more expensive plan of course.) It'd let you basically get a real server of your own, and then you could do whatever you wanted with it, including hosting your SSH game and even your website.

So xepher.net is running a bit like the Voyager probes. Long past their expected lifetime, and so we have to narrow mission scope to keep things going. In the past few years, the bulk of my pain-points with continuing things has been around email. More specifically, with various other services blacklisting xepher.net as a "spam source." Mostly I think this is the fault of having such low volume email: One spam message in a month makes this server's message output 5%+ spam (because we send so few messages.) So I think we're getting trapped by heuristics that don't really apply. But also, that's the reality and I can't get google/yahoo/msn/etc. to change their behavior.

That said, I want to work on fixing the issue in the long run. To that end, I want to know who is actually USING email services here. This question comes in several parts:

1) Are you using xepher.net email directly (e.g. user@xepher.net)
2) Are you using a virtual domain (user@mywebsite.com, which is hosted by xepher.net)
3) Are you SENDING email from either of the two above?
3a) If so, which ones? Both?
4) Are you sending email here some other way? (Possibly a violation/problem, possibly not.)

What I'm considering is spooling up an independent mailserver VM for xepher.net, such that you'll need to log into it directly (for both sending and receiving) but that will negate the worry that infected wordpress installs and similar are somehow sending spam from the only "official" server and getting us blacklisted. Also, with a separate server, all transactions will be fully logged (not content, just sender+datetime) so that if/when spam is detected, it can be shut down quickly and connected with the compromised account.

Please let me know if you're in the emailing using category, but also if you have any other thoughts or concerns around this. Thanks!

Upgrade time again. Nothing specific, but prompted by a major security breach in a core package (XZ) used by almost every Linux (and BSD) distro on earth today. It doesn't look like any direct exploit or vulnerability happened here on xepher.net, but it made me want to update and verify things generally.

We're still on PHP 8.1 but 8.2 may be coming sooner rather than later. Don't expect any issues there, but, one never expects the Spanish Inquisition. That said, and for now, this round of updates should be "done." If you have any remaining issues or problems, please let me know. And I apologize for the interruptions the past 10 hours or so.

Okay, upgrade is complete... I think. Let met know if you have problems. But please try upgrading any php based software first!

PHP 7.4 is end-of-life, and so mysql 5.7. The real impetus for this change though is that openssl 1.1 itself (which both of these depend on) is going EOL in September as well. Most people hopefully won't be affected in any serious ways, but if you have PHP scripts on your site (such as wordpress) you should make sure you're up to date with the latest version.

I will likely perform this upgrade sometime next week, but depending on how busy I am, may postpone it slightly longer. I aim to have it done by the end of July in any case, so please check your site software for upgrades soon.

EDIT: Upgrade complete. Please upgrade your software if you have issues, and reach out to me if you can't resolve things.

So... yeah. First off, sorry about that. But over the past few days, the traffic to your site shot through the roof starting about 6 days ago. Unfortunately I was out of town for the last 5 and didn't get to look into it until last night, and was planning to take a longer look at it after work today. Long story short, I think your wordpress install was under heavy attack. There were hundreds of gigabytes of traffic going to a few dozen eastern european and russian IPs, and all of those were continually sending dozens of comments and login attempts every minute. Over a full terabyte of traffic already went to your site before I locked it down. I hope by turning it off for a day or so, it'll kick it out of the botnet's list of targets and maybe the problem will be resolved.

I'm emailing you for further discussion.

Starting next week (November 1st) there will be an upgrade to some of the core system software on the server. This will obsolete old passwords (set before around 2008) which are stored using weaker md5 hashes. Support for those is going away in the cryptography library used by service pieces of software (including SFTP.) Everyone who hasn't changed their password in the past few years will need to do so, or potentially be locked out of some services until they do.

To change your password, go to https://xepher.net/user-services/ and login with your old/current password, then change it. Note that if you use MySQL for things like wordpress, this will change your database password as well, so you may need to update your wordpress (or other software) configs. For wordpress, that typically just means editing wp-config.php. This would also be a good time to make sure that file is secure (it does contain your password after all) so click the properties for that file and set the permissions so ONLY user (you) have read/write access (for you nerd types, "chmod 600 wp-config.php".) Remove the access from group and other/world so no one else can view it. You should do this for any other web software you may be using... any file where you have your own password stored.

If you have any questions or problems, just let me know!

I've no real idea.... that was years ago. My guess is that those are probably periods where I was upgrading software or changing the logging system and something glitched. I've done my best to preserve old data, but sometimes that just fails and new systems miss a step. Sorry.

I've resent them. It should be coming from a xepher.net address, so check your spam folder.

I've sent you an email with details and a password reset.

Sorry for the slow reply. I was traveling the past two weeks. As always, SFTP/SCP is the the way to connect. I still suggest the venerable WinSCP. https://winscp.net/eng/docs/free_sftp_client_for_windows

Finally got through to them again, and it's been "Conditionally mitigated." Which is their way of saying "unblocked" without admitting a mistake or even explaining why it was blocked in the first place.

If you use hotmail, PLEASE make sure to mark "not spam" any emails from xepher.net there, as apparently that's the only way for their system to start "trusting" the server here.

Note: it may take 24 hours for thing to start working they say. Please don't resend a bunch if it's not unblocked yet.

I will try to do something about it, but I've just about given up with Microsoft these days. Their website for SNDS (the place you go to resolve this stuff with them) is "currently experiencing technical issues" as well, so I can't even start the process of getting it sorted out. The server isn't blacklisted anywhere else on the internet, and yet MS somehow re-blocks it every couple of months, and it takes weeks to get them to remove it. The bottom line is that their system just sweeps up wide IP address ranges anytime there's a spam hit from any of them, and since this is a virtual server in a shared datacenter, I have zero control over who the "neighbors" are and what they do, yet I get caught up in the same net when one of them spams.

What program are you using? Remember, there is no simple "FTP" here. You should be using an SFTP or SCP (ssh-based) client, like WinSCP.

So, with that whole email kurfuffle with hotmail (and trying to get onto their "nice" list), there was about a 12 hour window (basically while I was asleep) where the email server here was misconfigured with a bad address list, and so it bounced some messages during that time. The logs show only one message from pateron.com bouncing (and it was to you) on the 22nd of October. There were successful deliveries from them on the 17th and earlier though, so it looks like it bounced only once, but it was a hard rejection (saying your address was unknown due to the misconfiguration.) If there were other bounces, they would've had to come from other servers that didn't use patreon.com anywhere in the "from" field.

tl;dr They weren't blocked, there was just a glitch that was fixed the same day it happened. It should be all good now.