Archive for May, 2009

Checklist before you shift your website between web hosts

Thursday, May 28th, 2009

It can be somewhat of a nightmare when you have to migrate from one web hosting provider to another if you are getting more features and services which are not available with your present web host. But before you take the leap of shifting your website, following is an important set of TODOs which can save you considerable heartburn and help ensure minimal downtime when you shift your webhost:

  1. Ensure that the new webhost meets all your needs, like storage space, bandwidth, down times, support for the operating system and applications that run on your web site, support for scripts and an adequate number of email accounts and auto responders.
  2. The next step would be to back up all your website content/DB on your current server to a secure location. Make sure you get all your email  downloaded to local machine as it may not be possible to restore mails from another server, databases and website files.
  3. Upload all your files and databases to the new server and make sure you retain all the file permissions as they were on your old siteso that you don’t end up with scripting errors. Arrange a test environment to test the scripts, contact pages, and databases connection and check for incompatibility issues between applications on your old server and your new one, before you make the necessary DNS change.
  4. You need to plan for the downtime that would result from this event. DNS updates take up to 48-72 to propagate globally across the Internet. Let your customers and website visitors know of this planned upgrade. Make the move when your traffic would be the least (ideally during weekends or holidays).
  5. Check if mail services for your domain is running on the new hosting provider so that you don’t lose any email messages, when you make the transition.
  6. If your domain name registration is a part of your old hosting plan, then you might want to move your domain to another third party provider since moving your site to a new web hosting provider means that your domain name company remains the same while your web hosting provider changes. If your domain name was registered using a third party domain name registration company, then this is not an issue.
  7. If your site is dynamic, DNS update delays can cause data lose if you are not careful. Some customers may see your old site while others have access to the new one. To minimize such occurrences, disable your site  on the earlier webhost with a message on a static page so that these users cannot update the old DB on the server.
  8. If you plan to migrate more than one domain, make sure you start the process with enough time to spare for the DNS update delays and take expert help on this issue.
  9. Make sure all the visitors to your old webhost are being redirected to your new site before canceling your current web hosting provider. It is best to keep both sites up and running in parallel for at least one weeks, it will help you to retrieve data if there are any issues. Take a final backup of all your site content and database before canceling your current web hosting provider.
  10. Check your site on Google to ensure that the links indexed by Google are still working well. Sometimes, the links spidered by Googlebots on your previous webhost (especially if you are on a dedicated IP), show a ’404 nage not found’ error, which might cause all your organic SEO efforts get washed away in a single instance.

Hopefully, the above tips would help you understand the importance of planning in advance to the smallest detail, if you intend to shift webhosts anytime in the near future.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
 Loading ... Loading ...

Tags: , ,
Posted in Web Hosting | 1 Comment »

Greylisting – A great way to block incoming spam emails

Monday, May 18th, 2009

Greylisting is a new weapon to use against spam. With this new shielding method, by which you may block out huge amounts of spam, you are sure to please your email users!

In name, as well as operation, greylisting is related to whitelisting and blacklisting. What happens is that each time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a “421 Envelop failure”-message (This happens at the SMTP layer and is transparent to the end user). This, in the short run, means that all mail gets delayed at least until the sender tries again – but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later.

Spammers often adapt to this technique but that does not really make greylisting useless. This delay in new sender contacts also gives you a lot of extra power. This may be an hour, but in this hour there is a large chance that the mass mailer/spammer has been identified by the more conventional anti-spam software. Thus, when he retries it, is likely that we will know that the mail is a SPAM mail.

Three pieces of information from a delivery attempt, referred to a as a triplet are used to uniquely identify the relationship between a sender and a receiver:

  • The Envelope Sender.
  • The sending host’s IP address.
  • The Envelope Recipient.

Perhaps the most significant disadvantage of greylisting is the fact that, like some other spam mitigation techniques, it destroys the near-instantaneous nature of email people have come to expect. A customer of a greylisting ISP can not always rely on getting every email in a pre-determined amount of time. However, the original specification for email states that it is not a guaranteed delivery mechanism and not an instantaneous delivery mechanism. This means that greylisting is a perfectly legitimate process and does not break any protocols or rules. Traditionally, greylisting is very good at flushing out poorly configured mail servers that cannot maintain state, queue email correctly, or retry delivery within a reasonably short time. Mail servers that are properly configured and fully conform to SMTP generally have no problems with greylisting techniques and delays are very small so as not to be a problem.

Some MTAs, upon encountering the temporary failure message from a greylisting server on the first attempt, will send a warning message back to the original sender of the message. The warning message is not a bounce message, but it is often formatted similarly to one and reads like one. This practice often causes the sender to believe that the message has not been delivered, when in fact the message will be delivered successfully at a later time.

Also, legitimate mail might not get delivered if the retry doesn’t come within the time window the greylisting software uses, or if the retry comes from a different IP address than the original attempt. When the source of an email is a server farm or goes out through an anti-spam mail relay service, it is likely that on the retry a server other than the original server will make the next attempt. Since the IP addresses will be different, the recipient’s server will fail to recognize that the two attempts are related and refuse the latest connection as well. This can continue until the message ages out of the queue if the number of servers is large enough. This problem can partially be bypassed by identifying and whitelisting such server farms in advance. However, it is not possible on a distributed network the size of the Internet to maintain a complete list of all such server farms.

It needs to be noted that such SMTP delivery server farming techniques can be construed as breaking RFCs detailed above since the original sending machine has absolved itself of the responsibility of mail delivery by tossing it back into the pool, which breaks the state of the mail delivery process.

Tags: , , , ,
Posted in Linux, Web Hosting | No Comments »