Many, many years ago, some e-mail programs didn’t use a password when sending outgoing mail. That meant they didn’t work with many mail servers, including ours. To help customers with that problem, we used to allow a horrible alternate method called “POP before SMTP”, although it was never recommended or officially supported (it was unreliable and made it harder for us to prevent spam).
Well, here we are in a new millennium (“welcome!”). No popular mail program has needed “POP before SMTP” for more than a decade, and only a small handful of our customers are still using it. But spammers are continually trying to take advantage of the security problems it creates for all e-mail addresses, making it just as much of a nuisance on our end as it ever was.
Because of that, we no longer allow e-mail addresses to send mail using “POP before SMTP” unless they were previously doing so. In other words, if an address wasn’t using “POP before SMTP” before now, it won’t be able to start using it in the future.
Read the rest of this entry »
We’ve updated our servers with a Perl security bug fix. This won’t affect most customers, but read on if you know you use Perl scripts on your site.
Read the rest of this entry »
Microsoft FrontPage was once a popular Web design program. Microsoft stopped selling FrontPage in 2006, though, and we’ve been warning about the end of FrontPage support for a while now (on both our support pages and our blog).
That time has now arrived. Our FrontPage support for new sites will end on September 1, 2011, and support for existing sites will end a year after that.
Read the rest of this entry »
World IPv6 Day is now in progress (it started at midnight UTC, which was 5:00 PM Pacific time). For the next 24 hours, many sites on the Internet, including our own www.tigertech.net, are fully IPv6-enabled.
If you have trouble connecting to www.tigertech.net, check other sites like Google, Yahoo and Bing. If you have problems with any of those, you should test your IPv6 connection and notify your ISP or network administrator about any problems.
For more information about IPv6 (and how sites hosted with us can participate), see our previous post: Now We Are Six: IPv6 support.
Today we detected that one of our customers had installed a WordPress plugin on his blog that did something malicious: when the plugin was activated, it sent a stranger an e-mail message allowing full administrator access to the blog.
How did this happen? Well, our customer simply searched the WordPress plugin directory for “Contact Form”, saw the popular “Contact Form 7” plugin listed, then clicked “Install Now”. That all sounds reasonable.
Read the rest of this entry »
We’re pleased to announce optional IPv6 support for Web sites hosted with our company (just in time for World IPv6 day next week!).
Most customers shouldn’t use IPv6 yet, and if you don’t know what it is, you can safely ignore this post. But if you’re familiar with IPv6 and interested in adding it to your site, this post explains what you need to know.
Read the rest of this entry »
Our FTP servers now support TLS/SSL encryption of FTP passwords, adding more security to FTP.
Confusingly, there are a variety of different SSL/TLS encryption schemes for FTP offered by various FTP clients. The one we support is the most widespread, known as “explicit TLS encryption” of the FTP command channel. It’s defined in RFC 4217.
Encryption is supported by many popular FTP clients, including the FileZilla FTP client. (The quickest way to use it in FileZilla is to put ftpes://ftp.tigertech.net in the QuickConnect “Host” box, then accept the “Unknown certificate”.)
Read the rest of this entry »
We now offer Sieve e-mail filtering software on our mail servers. Sieve allows you to process incoming e-mail when it arrives in your Inbox on our server. This is great for anyone who uses a mail program (such as an iPhone) that doesn’t have its own filtering capabilities, or anyone who runs multiple mail programs and doesn’t like having duplicate copies of their filters. It’s also very useful because Sieve filters always run immediately on our server, rather than requiring your mail program to be always running.
If you are happy with the filtering rules available in your mail program (such as Thunderbird, Outlook, or Webmail), then you probably don’t need to use Sieve.
Read the rest of this entry »
One of the positive developments on the Internet over the last few years has been increased encryption of e-mail. The Internet is a hostile environment; sometimes your data goes through the servers and routers of companies you’ve never even heard of, or of governments you’ve heard of but don’t like. It makes sense to encrypt e-mail whenever possible.
We’ve supported encryption between our customers and our e-mail servers for a long time, protecting you from eavesdropping “hackers” when you use a WiFi connection at an Internet cafe, for example. But like most companies, we didn’t try encrypting outgoing e-mail after it left our servers or encrypting incoming e-mail from other servers. Although technical standards for doing that exist, they’re relatively new in Internet terms, and our original testing indicated it could cause problems with mail delivery due to many misconfigured servers on the Internet.
That’s changed: More recent testing indicates that it’s much more reliable, and other large companies like Gmail are starting to use it. Because of that, we now use strong TLS (SSL) encryption for inbound and outbound SMTP mail connections (“MX” mail delivery) wherever possible.
Read the rest of this entry »
We’ve renewed the SSL certificate on our mail servers (because it was due to expire soon).
Almost all customers shouldn’t notice any change, but if you read e-mail using a secure connection with an unusual mail program that doesn’t handle SSL connections properly, you might be asked to “accept” the new mail.tigertech.net certificate.
Read the rest of this entry »
