Monday, November 23, 2009

Email Problems (Premium Hosting Accounts)

If you are a BWD Premium Hosting account holder, you may be experiencing some issues with your email today. (My account is repeatedly having trouble connecting to the server.) Here's the official update from the hosting company:

Update: Incoming Email

Update: Network engineers have identified the cause of the issue and have taken steps to resolve the issue. Mail should be back to normal within 30 minutes at the latest.

We are aware of an issue that may cause email sent to mailboxes hosted on our platform to be returned to the sender with a bounceback error indicating the retry limit has been exceeded. Our network engineers are currently looking into the issue. We apologize for any inconvenience caused by the bounceback errors. More detail will be posted on this issue as it becomes available.

- 11/23/09 at 14:12 ET

Thursday, November 19, 2009

Email Issue: Prompting for Password

You may have been experiencing some difficulty with your email today. There has been a little trouble with the software on the server that continually prompts for your password. Also, once it does accept the password, the performance has been very slow.

We have attempted some solutions to this, none are having great effect, yet. We'll keep at it. Please contact me if you are still having trouble by submitting a new support ticket at support.bwd-graphics.com.

Thursday, November 5, 2009

Google Warning: Phishing Scam [Resolved]

Some BWD clients may have recently received an email notifying you that Google has tagged your site as a potential host for a phishing scam. This is not true. (Well, it's not completely true.) There was an issue with another account on the same server as BWD hosted accounts, and somehow Google identified any domain associated with that server/IP address as harmful.

However, as you'll notice, all of your pages are still up and not blocked by Google's phishing scam filter (As the link in the email was.) This is because BWD-Graphics.com accounts were NOT affected by this scam.

The issue has been traced and resolved. If you have any questions, feel free to contact me at support.bwd-graphics.com.

Here's an example of the email you may have received.

From: noreply@google.com
Date: November 5, 2009 1:06:03 PM EST
To: abuse@yourdomain.com, admin@yourdomain.com, administrator@yourdomain.com, contact@yourdomain.com, info@yourdomain.com, postmaster@yourdomain.com, support@yourdomain.com, webmaster@yourdomain.com
Subject: Phishing notification regarding yourdomain.com

Dear site owner or webmaster of yourdomain.com,

We recently discovered that some pages on your site look like a probable phishing attack, in which users are encouraged to give up sensitive information such as login credentials or banking information. We have begun showing a warning page to users who visit this site in certain browsers that receive anti-phishing data from Google, as well as users redirected to this site from various Google properties.

Below are one or more example URLs on your site which appear to be part of a phishing attack:
http://www.yourdomain.com/~dbean/components/com_letterman/images/hsbc.co.uk12personal/httpwww.hsbc.co.uk12personalcredit-cards;jsessionid=0000pDFvvK08lyoIpQOFOAhC_Ct11j74l29q/

Here is a link to a sample warning page:
http://www.google.com/interstitial?url=http%3A//www.yourdomain.com/~dbean/components/com_letterman/images/hsbc.co.uk12personal/httpwww.hsbc.co.uk12personalcredit-cards%3Bjsessionid%3D0000pDFvvK08lyoIpQOFOAhC_Ct11j74l29q/

We strongly encourage you to investigate this immediately to protect users who are being directed to a suspected phishing attack being hosted on your web site. Although some sites intentionally host such attacks, in many cases the webmaster is unaware because:

1) the site was compromised
2) the site doesn't monitor for malicious user-contributed content

If your site was compromised, it's important to not only remove the content involved in the phishing attack, but to also identify and fix the vulnerability that enabled such content to be placed on your site. We suggest contacting your hosting provider if you are unsure of how to proceed.

Once you've secured your site, and removed the content involved in the suspected phishing attack, or if you believe we have made an error and this is not actually a phishing attack, you can request that the warning be removed by visiting
http://sb.google.com/safebrowsing/report_error/ and reporting an "incorrect forgery alert." We will review this request and take the appropriate actions.

Sincerely,
Google Search Quality Team


UPDATE: Google continues to send the warning emails, so I checked with the hosting company to verify that your accounts are clear, and they are. Here was the response:

Nov 11, 09:24AM
Hi Greg,

Yes, I can verify. Those messages should be ignored. If [you] click the link in the email [you] will see that it doesn't go anywhere. It is a total mistake on google's part.