Upgrading to Debian 10 “buster” (complete)

We’re upgrading our servers from Debian Linux version 9 (codename “stretch”) to version 10 (codename “buster”). We’ll be finishing that process over the next couple of weeks.

Your website and email should continue working as they always have, and we don’t expect any downtime. However, if you do have any trouble, don’t hesitate to contact us.

Although the final steps of the upgrade modify hundreds of software packages on the server, we’ve tested it extensively and don’t expect most customers to notice any change. (We’ve already been using the newer version of Debian for our own servers.)

Read the rest of this entry »

Having trouble sending to Gmail? (resolved)

If you’ve had trouble sending to Gmail addresses today or yesterday (December 14 or 15), where an address that you know is valid bounces back with “The email account that you tried to reach does not exist”, the problem isn’t you, or us. Gmail had a problem that caused this for all senders, seen on their status pages yesterday and today, with the latter confirming “Affected users received a bounce notification with the error “The email account that you tried to reach does not exist” after sending an email to addresses ending in @gmail.com”.

They also confirmed it on Twitter:

They say the problem is resolved now, so if it happened to you, it should work if you try sending again.

Webmail 2020 is now the default

For the last few months, we’ve had a new webmail interface available for our customers, but we hadn’t yet made it the default if you click “Webmail” at the top of our pages.

Starting today, the new interface is the default when you click that link. If you don’t like the new webmail system for some reason, the old webmail system is also still available from a link on the new login screen (and will remain available for the foreseeable future).

We have some tips for using the new system, which has more flexible message composing, the ability to drag-and-drop images and other attachments, a simpler mobile interface, and a generally more modern feel.

Updated version of webmail 2020

For the last few months, we’ve been publicly testing a new webmail interface for our customers. The new system has more flexible message composing, the ability to drag-and-drop images and other attachments, a simpler mobile interface, and a generally more modern feel.

Today, we’ve updated the software to (among other changes) add a new “Dark” theme you can choose, and also to improve the message view in “two column” layout. You can now switch between a “split” and a “full height” view by clicking the new zoom icon (shown here circled in green):

Split view
Full-height view

You can find the new webmail interface at https://webmail.tigertech.net/, and we have some tips for using it. (By the way, if you don’t see the new features immediately, you may need to logout and login again, or clear the cache in your web browser.)

We intend to make the new interface the default soon. But if you don’t like the new webmail system for some reason, the old webmail system is also still available (and will remain available for the foreseeable future).

Microsoft Outlook crashing?

Is your copy of Microsoft Outlook crashing when you start it today? If so, it’s not just you, and it’s not a problem on our end. It’s a bug in the latest Outlook update that Microsoft is aware of:

This page at Bleeping Computer describes how you can switch back to an older version, and you can also use our Webmail pages to read your email if you need to.

MariaDB (MySQL) database server update from 10.1 to 10.3

Update 9:16 PM June 27: the maintenance described below has been completed on all servers, so all servers are now running the MariaDB 10.3 series.

Over the next three weeks, we’ll be updating the MariaDB (MySQL) database server software on all our servers from the MariaDB 10.1 series to the MariaDB 10.3 series (equivalent to the Oracle MySQL 5.7 series).

The MariaDB/MySQL database software is what stores pages for WordPress and other sites that are run by scripts. Customers should not notice any difference after this change; we’re upgrading it to a more recent version simply to make sure it’s as fast, reliable and secure as possible. We’ve been using the new version on internal and test servers for some time.

At the moment the software is updated on a server, WordPress and other database-backed sites on that server will have 30-60 seconds of unavoidable “downtime”. To minimize the impact of that, we do these upgrades only on Friday, Saturday and Sunday nights between 9 PM and midnight Pacific time (midnight-3 AM Eastern time). This process will be complete on all servers by June 28.

Beyond that one-time brief interruption in service, customers should not notice any difference to how their site works, as we said. But as always, don’t hesitate to contact us if you have any trouble or questions.

Mailman mailing list software upgraded to version 2.1.30

The authors of the Mailman mailing list software we provide for customers have recently released version 2.1.30 to fix several bugs.

We’ve upgraded the Mailman software on our servers as a result.

Users of Mailman lists shouldn’t notice any changes, but as always, don’t hesitate to contact us if you have any questions or see any problems.

Change to SSH “RSA key fingerprint”

We’ve made a change to one of the SSH keys our servers use, and this post explains why a small number of customers may see a warning message as a result. If you don’t use SSH to connect to the command-line shell (most people don’t), you can ignore this post completely.

The change is that the RSA key has been increased in size (to 2,048 bits) to ensure that sites we host pass PCI compliance scans. (This change was unavoidable, because security companies are saying that any keys created years ago using the then-recommended size, like our previous one, must be replaced.)

Most modern SSH software now uses ECDSA keys instead of RSA keys, so this won’t affect most people. But if your SSH software still uses RSA keys, you may see a message like this:

Warning: the RSA host key for 'example.com' differs from the
key for the IP address '192.0.2.3'
Are you sure you want to continue connecting (yes/no)?

Or even more alarmingly, like this:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now
(man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
21:24:65:80:55:5e:8c:e2:d9:6d:21:43:ef:07:3f:21.

If you see either of these, it’s expected and okay. It’s telling you that it thinks the RSA host key has changed since the last time you connected — which it has.

If your SSH client software completely prevents you from connecting because of an existing entry in your computer’s “known_hosts” file, removing the line it mentions from that file will fix it.

The next time you connect after doing that, you’ll be prompted to add the new key. You can verify the key fingerprint it shows you on our SSH page.

Sites hosted with us aren’t affected by today’s “Let’s Encrypt” SSL security bug

We provide free Let’s Encrypt SSL certificates for all sites hosted with our company.

Recently, Let’s Encrypt found a problem with some certificates that could cause site visitors to see security warnings if the certificate wasn’t renewed before noon Pacific time today (March 4, 2020).

Our customers don’t need to worry, though. We’ve already renewed any affected certificates, so the problem will not affect any sites we host.

There’s a website at checkhost.unboundtest.com you can use to test your certificate if you want to be sure. As always, don’t hesitate to contact us if you have any questions.

Brief MySQL scheduled maintenance February 15, 2020

Update 10:58 PM Pacific time: the maintenance described below has been completed, and all services are running normally.

Between 9:00 PM and 11:59 PM Pacific time on Saturday, February 15, 2020, the MySQL database software on each of our servers will be upgraded from MariaDB version 10.0.41 to 10.0.44 (roughly equivalent to MySQL 5.6.47). This will cause an approximately 60 second interruption of service on each MySQL-using customer website at some point during this period.

This upgrade is necessary for security reasons and to fix bugs in MySQL.

In addition, the web14 server will be restarted during this period for a hardware upgrade, causing an approximately 3-minute additional outage for sites and email on that server only.

We apologize for the inconvenience this causes.