SpamTitan Upgrade

On Sunday 27 February 2022 we upgraded our SpamTitan service to a new server. As well as faster, more modern hardware, new appliance uses a new version of FreeBSD under the hood which brings many performance and security enhancements.

While we do not anticipate any disruption to service, there are two potential issues to be aware of:

  1. The source IP address of SMTP connections from our SpamTitan server has changed. If you are running your own email server and previously had 83.96.156.210 configured explicitly in your firewall, please update this to 193.189.141.10 in order to continue receiving clean email. Our SpamTitan server will queue your mail for up to 3 days. The old IP address will continue to accept inbound SMTP connections on port 25 for 14 days, after which it will be disabled.
  2. Unfortunately it has not been possible to migrate the existing Spam Quarantine, so if you need to access any mail that was quarantined prior to 27 February you will need to log in at https://ams2-spamtitan.anu.net/ in order to release it from your quarantine.

If you have any questions or concerns, please do not hesitate to drop us an email to support@anu.net.

Passwordless SSH logins using private keys and .ssh/config

These instructions will work on any computer that uses OpenSSH such as macOS or most Linux/Unix systems. The process for generating keys on other platforms will vary but the general principle is the same.

  • Open your Terminal app and generate a new key pair by typing ssh-keygen at the shell prompt. You should see:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):

Press Enter to confirm the default location (that is, ~/.ssh/id_rsa) for the newly created key and the press enter twice more when prompted for a passphrase.

  • After this, you will be presented with a message similar to this:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
e7:97:c7:e2:0e:f9:0e:fc:c4:d7:cb:e5:31:11:92:14 alfie@example.com
The key's randomart image is:
+--[ RSA 2048]----+
|             E.  |
|            . .  |
|             o . |
|              . .|
|        S .    . |
|         + o o ..|
|          * * +oo|
|           O +..=|
|           o*  o.|
+-----------------+
  • Change the permissions of the ~/.ssh/ directory to 700 to ensure it is only accessible by your user ID:
$ chmod 700 ~/.ssh
  • Copy the content of ~/.ssh/id_rsa.pub into the ~/.ssh/authorized_keys on the machine to which you want to connect, appending it to its end if the file already exists.
  • Set the permissions of the ~/.ssh/authorized_keys file using the following command:
$ chmod 600 ~/.ssh/authorized_keys

How to create an SSH shortcut

To create a custom ssh connection so you don’t need to type the IP address of your server every time, type from your home directory:

nano .ssh/config

then enter the following below

Host shortcutname
HostName 10.11.12.13
IdentityFile ~/.ssh/id_rsa
PreferredAuthentications publickey
Port 22
User root

Save the file and exit nano. You can now connect to the server using the command ssh shortcutname without having to enter any additional connection information or password.

Upcoming USA1 datacenter migration

What is happening?

Over the coming weeks we will be migrating customers hosted out of our usa1 (Chicago) datacenter to a new datacenter facility which is also located in Chicago approx 2 miles away.

Why?

The new facility offers us higher power availability, better connectivity and more redundancy. We are also taking this opportunity to complete the roll-out of improved firewall and encryption subsystems on our virtualization hypervisors to further improve our cyber security defenses.

What is the impact?

Affected customer VMs will be migrated one by one to new hardware running in the new datacenter. Both facilities are connected by a VLAN which will facilitate seamless transition of IP traffic. No IP renumbering or other changes will be required. Once migration is complete you can expect lower latency, faster performance and better security.

Migration will require a brief disruption while we sync changed data and reboot VMs on new hardware. We will schedule migrations with affected customers individually at the most convenient time slots.

Questions?

Please contact support@anu.net if you have any questions about this migration.