[Owasp-leaders] Barracuda

Dirk Wetter dirk at owasp.org
Wed Feb 13 18:16:17 UTC 2019


Timur,

what are you talking about?

We're running a 9year old OS out of support for five years -- exposed
in the internet -- and this should be a reason to blame the SW ??

As indicated: It should be a task for half a day or less to sync all the files
from mailman to a modern Ubuntu or Debian system.


Dirk


On 13.02.19 18:23, Timur 'x' Khrotko [owasp] wrote:
> * Matt already suggested to move to Google groups which is part of the gsuite if my
> understanding is correct.
> 
> On Wed, 13 Feb 2019 at 18:21, Frank Catucci <frank.catucci at owasp.org
> <mailto:frank.catucci at owasp.org>> wrote:
> 
>     Matt, et al., 
> 
>     Can we (OWASP leaders, project leaders, etc.) not have a modern email server implemented to
>     run @owasp.org <http://owasp.org> email? Is that not a reasonable ask of OWASP and OWASP
>     staff? Am I missing something here? This sounds like a very reasonable and actionable
>     request to me...
> 
>     Regards, 
> 
>     Frank
> 
> 
>     On Tue, Feb 12, 2019 at 4:35 PM Matt Tesauro <matt.tesauro at owasp.org
>     <mailto:matt.tesauro at owasp.org>> wrote:
> 
> 
>         On Tue, Feb 12, 2019 at 4:03 AM Dirk Wetter <dirk at owasp.org <mailto:dirk at owasp.org>> wrote:
> 
>             Hi all / Matt,
> 
>             short update, see below. This time our germany list seems unknown.
> 
> 
>         All of the lists were unknown for some time starting last night (GMT -6) - not just
>         "our germany list".  The server that hosts mailman went down in a spectacular fashion. 
>         It took a while to get it back up but it's running again.  Items which complicated things:
> 
>           * that server's been running on the same VM since 2013 
>           * it's running an EOL/EOS OS (Ubuntu 10.04 - a 9 year old OS)
>           * Rack's support does not cover Mailman and we're running an out of date version that
>             is a major release behind current (2.x vs 3.x)
>           * technically, Rack's support doesn't cover EOL/EOS OS'es but they still helped us
>             get back online
>           * the OS is so old, Rack's monitoring and backup agents are no longer supported nor
>             run on the OS
>           * the VM configuration and type used for that host is no longer offered by Rackspace
>             causing complications which both caused the initial outage and complicated the
>             restoring the server
>           * since monitoring is no longer supported for that server, no alerts were sent when
>             it went down
>           * since the back agent can no longer run on a server that old, the most recent
>             file-level backup is from July 17, 2017
>           * Full VM image backups were still in place and working.  However, restoring those
>             backups to different type and configuration of VM caused issues that took working
>             with Rack's support team to get resolved.  
> 
>         Even with all those strikes against it, it's up and running again.  Not too bad to have
>         one (regrettably long) outage in 6 years.
> 
>         Props to the several people on Rack's support team that helped me get the Mailman VM
>         back up and running as they were able to do the 'behind the cloud'' work required to
>         get the VM working again.
> 
>         The system you seem to love to hate, Barracuda, spooled all the inbound email and that
>         is flowing again.  Once the retry period is over and that spool is empty, things should
>         return to normal. For a while, delivery of emails that came in during the outage may be
>         delayed a bit.  Barracuda, BTW, is also unlicensed and continues to work without any
>         agreement in place.  Thanks to Barracuda for now cutting us off.
> 
>         I also added a block volume to that VM to allow for a file-level backup workaround as
>         an interim solution while we wind down Mailman and retire it this year.
> 
>             When do we get a reliable mail delivery system for our lists?
> 
> 
>         Have you considered switching to Google Groups?  I'm pretty sure that Google has a
>         slightly larger IT staff and budget than OWASP does.  There's also discourse.owasp.org
>         <http://discourse.owasp.org> which is a SaaS alternative we have in place as well.  Or
>         you could try the OWASP Slack instance too.
> 
>         Thanks again for all your patience and understanding.
> 
>         Cheers!
> 
>         -- Matt Tesauro
>          
> 
> 
>             Dirk
> 
> 
>             -------- Forwarded Message --------
>             Subject:        Delivery Status Notification (Failure)
>             Date:   Tue, 12 Feb 2019 01:13:15 -0800 (PST)
>             From:   Mail Delivery Subsystem <mailer-daemon at googlemail.com
>             <mailto:mailer-daemon at googlemail.com>>
>             To:     dirk at owasp.org <mailto:dirk at owasp.org>
> 
> 
> 
>             Error Icon
> 
> 
>                 Address not found
> 
>             Your message wasn't delivered to *owasp-germany at lists.owasp.org
>             <mailto:owasp-germany at lists.owasp.org>* because the address couldn't
>             be found, or is unable to receive mail.
> 
>             The response from the remote server was:
> 
>             550 permanent failure for one or more recipients (owasp-germany at lists.owasp.org:550
>             <http://[email protected]:550> 5.1.1
>             <owasp-germany at lists.owasp.org <mailto:owasp-germany at lists.owasp.org>>... User unknown)
> 
> 
>             Attached Message Part
> 
>             Reporting-MTA: dns; googlemail.com <http://googlemail.com>
>             Received-From-MTA: dns; dirk at owasp.org <mailto:dirk at owasp.org>
>             Arrival-Date: Tue, 12 Feb 2019 01:13:12 -0800 (PST)
>             X-Original-Message-ID: <2326a30c-8ecb-5ea2-65d6-87b549c23f6a at owasp.org
>             <mailto:2326a30c-8ecb-5ea2-65d6-87b549c23f6a at owasp.org>>
> 
>             Final-Recipient: rfc822; owasp-germany at lists.owasp.org
>             <mailto:owasp-germany at lists.owasp.org>
>             Action: failed
>             Status: 5.0.0
>             Remote-MTA: dns; d15006a.ess.barracudanetworks.com
>             <http://d15006a.ess.barracudanetworks.com>. (209.222.82.126, the
>              server for the domain lists.owasp.org <http://lists.owasp.org>.)
>             Diagnostic-Code: smtp; 550 permanent failure for one or more recipients
>             (owasp-germany at lists.owasp.org:550 <http://[email protected]:550> 5.1.1
>             <owasp-germany at lists.owasp.org <mailto:owasp-germany at lists.owasp.org>>... User unknown)
>             Last-Attempt-Date: Tue, 12 Feb 2019 01:13:15 -0800 (PST)
> 
> 
> 
> 
>             -- 
>             OWASP Volunteer
>             Send me encrypted mails (Key ID 0xD0A74569)
>             @drwetter
> 
>         _______________________________________________
>         OWASP-Leaders mailing list
>         OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
>     This message may contain confidential information - you should handle it accordingly.
>     _______________________________________________
>     OWASP-Leaders mailing list
>     OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> -- 
>    
> secmachine․net #wepowersecdev

-- 
OWASP Volunteer
Send me encrypted mails (Key ID 0xD0A74569)
@drwetter



More information about the OWASP-Leaders mailing list