F.A.Q.

Frequently Asked Questions

Please see the links below for answers to commonly asked questions.

DNS

I need to make changes in my DNS entries hosted by Cloudsmart. How is this accomplished?

A DNS maintenance form is available here. Please note that for security reasons, requests need to be submitted by the customer’s technical contact. For more information, please review information on customer contacts on the FAQ page.

Can I use subdomains in DNS? For example: fieldoffice.mycompany.com. And what about email from that domain name?

Yes, we can setup subdomains in DNS.

For example, you can have mail.fieldoffice.mycompany.com, ftp.fieldoffice.mycompany.com, or http://fieldoffice.mycompany.com

We can also support your mail server setting on a subdomain by configuring mail exchange records (MX) so that, for example, email to jdoe@fieldoffice.mycompany.com will be delivered to a server at that domain.

Please click here to submit DNS maintenance requests.

How soon after I submit a DNS change request can I expect that the Internet will be updated?

Cloudsmart staff will normally apply DNS changes during the same or next business day of the request.

If Internet users have connected to one of your sites prior to the changes being applied they may not immediately get the updated information. This is due to DNS Caching.

DNS servers cache (temporarily hold) information to reduce Internet traffic and improve performance. Caching is controlled via a setting named “Time to Live” (TTL) that is managed in DNS records. CloudSmart normally uses a setting TTL of 24 hours based on industry standard practice.

For time sensitive applications, such as adding or changing a mail server address, the TTL setting can be lowered by special request. In these cases please request updates at least 24 hours in advanced of changes in your systems and contact Cloudsmart to coordinate changes.

What is DNS and why is it an important service provided by Cloudsmart?

Internet communication is managed via TCP/IP addresses. At any given time, every system
connected to the Internet communicates via an individual IP address. In the early history of the Internet when the total number of computers connected to the Internet was relatively low, systems were given names such as UCBerkleyServer to facilitate the use of computer programs such as electronic mail to communicate. At first, these names and their address translations were managed in text based files which were shared by systems administrators, however, with explosive growth of the network into hundreds of millions of connected systems, the Domain Name System (DNS) was developed to serve as an automated directory to manage Internet names.

Most users are familiar with Internet naming conventions. For example .com for Commercial firms, .net for Networking firms, .gov for Government or .edu for Educational Institutions. These are managed via Registries. With deregulation that occurred in the nineties, The Internic which is managed by Network Solutions, a division of Verisign and the initial central authority for assigning and managing DNS, was forced to open competition resulting in the development of other registration firms. Verisign and their competitors are now commercial entities that charge for Domain registration.

DNS represents an organization’s presence on the Internet. And thus management of the registration process and the computing services needed to serve the directory service is important for smooth operation of an organization’s electronic communication as well as the Internet. Since many Internet services include DNS and since when it operates correctly, it is transparent, it tends to be trivialized. Although conceptually a simple application, it is a complex system in terms of its implementation and management. Since it is at the very core of Internet operations, it is a focal point for security related attacks.

Cloudsmart has since its inception, invested substantial resources in the hardware, software and staffing required to implement, manage, maintain, monitor and secure its DNS resources. It provides services to assist customers with the registration process including configuring points of contacts (POC) so that customers do not lose control of their domains. Technicians implement leading Internet DNS software and diligently monitor bug reports and keep software up to date. Cloudsmart also provides timely DNS service and support for customers and their business partners in order to implement special applications, expedite important changes or troubleshoot problems.

Since failure of a customer’s DNS can occur at any of many levels, Cloudsmart maintains multiple (redundant) DNS servers and 24×7 DNS support. These systems include servers tuned and secured based on functionality.

Cloudsmart administrators also offer advanced services and provide trouble shooting and support to customers who have implemented internal servers that work with Cloudsmart DNS to provide improved performance and expedited management on larger installations. In many cases, customers implementing advanced applications such as Microsoft Windows 2000 Active Directory depend on Cloudsmart DNS to insure proper operation of internal services.

The bottom line for most customers, however, is performance and availability. Often, slow or intermittent operation of mail and WEB service can be attributable DNS. Examples include registration termination results in sporadic email operation, busy or inaccessible DNS servers cause WEB pages to load slowly or not at all, or firewalls becoming overloaded as a result of incorrect internal DNS configuration resulting in apparent denials of service. CloudSmart has years of experience diagnosing and helping to resolve these issues with customers.

For more information, please review other FAQs on this site.

Emails

How do I set up my email software to work with Cloudsmart servers?

Follow the instructions below based on where your mailbox is resided on. New mailboxes are set up on our IMAP server and old mailboxes are on POP server. Please contact Cloudsmart Support if you don’t know which instruction to follow.
IMAP Server
These instructions are for setting up a new profile for Outlook, but they can be applied to other clients such as Thunderbird, iPhone, etc.
Go into Windows Control Panel, click on the “Mail” icon. Click “Add”. Select “IMAP” as “Server Type” and click “Next”.
User Information
Your name: Type in your full name
E-mail Address: Type in your email (smith@domain.com)
Server Information
Incoming mail server (IMAP): mail.recol.com
Outgoing mail server (SMTP): smtp.recol.com
Logon Information
User Name: Type in your email (smith@domain.com)
Password: Type in your password (case sensitive)
Check “Remember password” option
Click on “More Settings…”
Click on “Outgoing Server” tab
Check “My outgoing server (SMTP) requires authentication”
Select “Use same settings as my incoming mailserver”
Click on “Advanced” tab
Incoming server (IMAP): 143
Outgoing server (SMTP): 465
Check “This server requires an encrypted connection (SSL)”
Click “OK” to save and exit.
Notes: If you have problem sending using port 25, change it to 465 instead. Some providers block port 25 traffic.

 

POP Server

Go into Windows Control Panel, click on the “Mail” icon. Click “Add”. Select “POP” as “Server Type” and click “Next”.

User Information
Your name: Type in your full name
E-mail Address: Type in your email (smith@domain.com)
Server Information
Incoming mail server (IMAP): mail.recol.com
Outgoing mail server (SMTP): smtp.recol.com
Logon Information
User Name: Type in your userid (smith@domain.com)
Password: Type in your password (case sensitive)
Check “Remember password” option

Click on “More Settings…”
Click on “Outgoing Server” tab
Check “My outgoing server (SMTP) requires authentication”
Select “Use same settings as my incoming mailserver”
Click on “Advanced” tab
Incoming server (IMAP): 110
Outgoing server (SMTP): 465
Check “This server requires an encrypted connection (SSL)”

Click “OK” to save and exit.

Does Cloudsmart provide web-based email?

Yes. Point your Internet Browser to https://webemail.recol.com.

When presented with a login screen, enter the following information:

Your email address
Your email password (case-sensitive)

If you do not know your password, please contact Cloudsmart at support@cloudsmart.tech

I recently received a notification that my email server has open relay and is the source of SPAM. What is SPAM and what do I do about it?

SPAM ( Unsolicited e-mail, often of a commercial nature, sent indiscriminately to multiple mailing lists, individuals, or newsgroups; junk e-mail.) has been a problem for email server administrators and users since the inception of the Internet. Open relay is a condition on a server that allows Internet users or remote servers to use the server to send (relay) email. The following are issues related to SPAM:

An innocent bystander’s server, such as your company’s, can be used to forward large volumes of email
SPAM mail is a favorite tool for the spread of malicious and virus laden email
High volumes of SPAM can impact your company’s server and network performance
If the problem persists, your company’s server could be placed on one or more SPAM notification lists (Blacklisted). This may result in email originating from your company’s server being blocked (bounced) for delivery to remote email servers that subscribe to these lists.
To combat SPAM Cloudsmart monitors: the traffic relating to the number of emails sent by our servers, the Open Relay Database and a variety of other sources. This give Cloudsmart the ability to stop some SPAM before it happens or to notify those abusing our servers as well as our customer’s mail servers through open relays and other such actions.

If you run your own Internet mail server, such as one using Microsoft Exchange or Unix Sendmail or compatible message transfer agent (MTA), there are settings to manage email relay and forwarding. These should be applied. Contact your support organization (your integrator) to assist you with these settings. Or refer to your mail server documentation, Microsoft’s documentation or your MTA’s support site.

Once your server is secured against open relay, Cloudsmart staff can help you test your configuration.

http://www.ordb.org/ is an excellent site for more information.

How can I reduce the amount of junk email (SPAM) that I receive?

There are commercial and open source server and workstation based products available that can be implemented to filter email. The industry term for this activity is SPAM which is described in another FAQ in our database.

After an extensive research and evaluation effort, we have developed and now offer SPAM reduction services. A key challenge is insuring that legitimate email is not filtered while providing administration services that are tuned to varying needs while providing an efficient and affordable service. Please visit our Email Solutions page for more information on SPAM reduction service.

Our mail administrators also suggest practices that can help limit unsolicited email:

Use complex email names. For example firstname.lastname@company.com verses mary@company.com. Once junk mailers have a domain name, they often broadcast out to lists using common names.
Do not subscribe to lists unless you are absolutely familiar with them.
If you do subscribe to a list, be sure to uncheck options for distribution of your contact info.
If you receive an email that appears to be from a list and they have a link to unsubscribe, do NOT do it. This is a way for junk mail senders (SPAMMERS) to verify email addresses and they often share or even sell lists of these addresses.
If possible, use more than one email address. Maybe one for business and another for personal use.
Never click on links in email from unknown sources. These may launch malicious programs and viruses attached to the email that often broadcast your email and possibly your address book out to the Internet.
If email of dubious content comes from a known source, do NOT click on links. It may be a forged email.
Beware of email sent from you to you, sent to large lists of unfamiliar email addresses, subject lines that do not match content, and curious or odd subject matter.
For more information review other FAQ’s on this site or visit the Open Relay Database.

If you or your company is interested in enrolling in Cloudsmart Spam Reduction Services please contact Cloudsmart for an update on product offerings at info@cloudsmart.tech

Is there a limit on the size of email attachments sent and received by Cloudsmart mail servers? If so, what is the limit?

There is a 25 Megabyte limit on attachments for mail being delivered to Cloudsmart servers (Incoming and Outgoing). This applies to customers using POP3, IMAP, Exchange, Mail Bagging, and Smart Host services.

Please note that other Internet mail administrators or ISPs may adhere to different policies and limits which may impact the delivery of your email to others if you send large attachments.

Can you explain the mail server types and hosting services offered at Cloudsmart?

POP3: Provides incoming services for your email software by storing email on Cloudsmart mail server and allowing your email software access to your mailboxes
Relay : Provides outgoing (SMTP) services for your email software
Mail Bagging: If mail can not be delivered to the primary mail server, it is temporarily stored.
Mail Host Backup – same as Mail Bagging
Smart Host – Email is received and then forwarded to destination server
Notes: Mail Bagging servers store data for 5 days before bouncing email. They will try to forward the mail every 15 minutes.

Cloudsmart mail servers support the ETRN command which is used to synchronize mail delivery.

What’s an email alias?

An email alias simply forwards email messages to another email address. Your alias will not have its own storage space, username, or password like a real email address and it must be associated with a real email address.

An email alias gives you the ability to receive email at more than one address or you may also use an alias to distribute email messages to a group of people. (Example: An email gets sent to sales@yourdomain.com. The people on your alias recipient list will receive all of the email sent to sales@yourdomain.com. Your recipient list contains: mary@yourdomain.com and john@yourdomain.com. Mary and John will receive all of the email sent to sales@yourdomain.com).

What are the email filtering policies associated with different Cloudsmart email services?

Cloudsmart mail services incorporate rules to filter out unwanted mail. The nature of the filtering will depend on service levels or email solution you choose.

Standard Email

Virus Scanning

Anti-Spam

All mail received by Cloudsmart servers must pass certain industry standard criteria before being stored for pickup or forwarded. These rules follow best practices to reduce or eliminate malformed, corrupted and unwanted mail. Mail may be rejected for example due to DNS issues such as an unregistered domain name or from an mis-configured or possibly spoofed mail server.

In order to combat threats and to maintain the security levels of Internet mail servers, as vulnerabilities are discovered, patches are developed and then applied. In some cases, the patches may change the filtering characteristics and operations of the mail filtering service as new vulnerabilities are discovered. Thus occasionally, mail may bounce that had been previously transferred due to origination from a source which has become suspect. This FAQ will be updated whenever it is determined that software upgrades or patches materially affect email filtering characteristics, or when a conscious change in filtering policy is made.

Below is an overview of the most common filtering criteria being applied on Cloudsmart email servers.

STANDARD EMAIL SERVERS

If one of the following criteria is not met our server rejects the mail:

Sender address is not a fully qualified domain name (FQDN): Domain name is the string after the @ sign in an email address. For example: cloudsmart.tech. Sender address cannot be in these forms: user, user@ or user@recol. It has to be in the form user@recol.com.
Recipient address is not fully qualified domain name: Same as #1 but for recipient or To: address.
Sender domain is unknown: Sender domain without A or MX record. Domain has to be resolvable by DNS (Domain Name System).
Recipient domain is unknown: Same as #3 but for recipient instead of sender.
Unauthorized relaying: Sender is not authorized to relay mail using our server to third party because sender is not a trusted site (opposite to open relay).
Sending MTA (Mail Transfer Agent) or application does not conform to RFC 821 envelope addressing (http://www.ietf.org/rfc/rfc0822.txt?number=821): RFC (Request For Comments) developed by the Internet Engineering Task Force. It is a set of standard protocols that MTA should follow. Sending MTA should wrap the addresses between the <> brackets. For example:
Sending MTA does not accept bounces: when a sending MTA refuses to accept mail from null address (<>). null address is used by the receiving MTA to return or bounce non-deliverable mail to the sender mail host.
Sending MTA (Mail Transfer Agent) uses bogus argument field in HELO or EHLO command: when sending MTA establishes connection to our server, it identifies itself by using a HELO or EHLO command. The HELO or EHLO must have a valid and FQDN hostname. The argument field contains the hostname of the sending MTA. Examples: mail.domain.com or hostname.domain.com. Invalid arguments are: 28#4, hostname or server. Most spam mailers and viruses use bogus HELO command.
Known abusers: Mail sent from known abusers of RECOL’s mail servers will be blocked.
Headers consist of non-encoded 8-Bit characters (RCF2047).
Message size limit is 25 MB.
Spambots and clients that connect too frequently are subjected to rate-limiting. This is to protect server resources.
RealTime Blacklists (RBLs): If sender MTA IP is listed our server rejects mail from this site.
ANTI-SPAM EMAIL SERVICE

Includes all rules in STANDARD EMAIL SERVICE and has these additional checks:

The following attachment types are banned: ade adp bas bat chm cmd com cpl crt emf exe grp hlp hta inf ins isp js jse lnk mdb mde msc msi msp mst pcd pif reg scr sct shs shb vb vbe vbs wmf wsc wsf wsh. However, they are allowed to pass within an archive such as zip/rar/tar. No need to password protect the archive.
Cloudsmart uses SpamAssassin, a content based filtering software, to detect and block unwanted mail. We pass mail with score of 5.0 points or less. We tag mail which seems spammy with string ***SPAM*** inserted in the subject line (score between 5.0 and 10.0 points). Mail with score of more than 10 points will be quarantined on our systems for one week. Quarantined mail can be released to user if needed and will be purged after one week.
URI checking, web links found in the body of message are checked against public databases. Points will be added to the overall score if matched.
Greylisting, please go here for more info http://www.greylisting.org
Distributed Checksum Clearinghouse (DCC)
Cloudsmart local white and blacklist consisted of customer’s requests and mailserver admin’s input.
ANTI-VIRUS EMAIL SERVICE

Includes all the rules in both STANDARD EMAIL SERVICE and ANTI-SPAM EMAIL SERVICE plus this:

Message matches anti-virus signature. Virus mail will be quarantined on our systems for one week. It can be released to user if needed and will be purged after one week.

What is SPF and how can it help stop spam?

Sender Policy Framework, SPF, is a DNS and Internet Mail (SMTP) supported technique that assists Internet mail serving software verify sources of email. A simple explanation is that DNS administrators place SPF records in configurations files. Then when mail is received, servers verify that a sending server has an IP that is registered. For example an SPF record would state that mail from cloudsmart.tech is being received from a registered Cloudsmart mail server.

A challenge to mail administrators is that much SPAM is being sent via virus laden computers that have the ability send/relay mail. SPF offers an ability to thwart spoofed email as when an email’s return/sending address has been stolen.

Cloudsmart’s chief email architect has been researching and implementing SPF where applicable. He reports there is a long way to go for universal acceptance and there are issues that force customers to continue using their anti-spam and virus scanning solutions.

More information is available at http://spf.pobox.com

What is Phishing and can anything be done about it?

Phishing is a term for a class of email that attempts to lure users to sights that can extract personal information to support identity theft. Examples include sites that are duplicates of Paypal, banks and credit card WEB sites.

The email user is often asked for information such as Social Security Number (SSN), email, motor vehicle driver’s license and in some case credit card information.

Do not use an unknown site to enter personal information. Anti-Spam and virus scanning software and services as provided by Cloudsmart can help thwart Phishing and other malicious email. Please review other FAQ’s and Cloudsmart’s Web site for more information.

For information and to report issues, please visit InfraGard Connecticut’s home page. More information will be provided including contacts for reporting issues to the FBI or Connecticut Department of Homeland Security (CTDHS).

What are Cloudsmart’s hosting monitoring and alerting services policies and procedures?

Cloudsmart technicians utilize several tools and procedures to monitor services and then update customers on issues, trouble shooting and resolution.

Cloudsmart monitors its network 24×7. This FAQ will focus specifically on hosting customer services monitoring.

Managed Services: Cloudsmart monitors and alerts on customer servers and applications 24×7.

Colocation Services: Customers are responsible for monitoring and managing their applications. Cloudsmart does 24×7 monitoring via ICMP ping to verify networking and power realated issues. Alerting on system outages occur from 7:00am to 10:00pm every day.

Security

Where can I get help if I suspect a potential crime against children via cyber or other means?

The expansion of the Internet into every day lives has exasperated an already serious problem. Thus Federal, State and Local lawmakers, the courts and law enforcement have been mobilized to meet new challenges to protect our children.

Since there are differing jurisdictional responsibilities among law enforcement agencies and the courts, the following represent general guidelines for reporting incidents and obtaining help:

If you know about a child who is in immediate risk or danger, call your local police or 911.

For information and help, try the following resources.

“National Center for Missing or Exploited Children” at:

http://www.missingkids.com
Phone: 1-800-THE-LOST
For the FBI, contact the New Haven FBI Field Office at 203 503-5106. Ask for help with a “Computer crime against a child”.

For the State of Connecticut Police please call 203 639-6492 and then ask for the “Computer Crimes and Electronic Evidence Unit”.

You may contact your local law enforcement offices and ask for help with “Computer crimes against children”. Some municipalities have special units for this area, but if help doesn’t seem readily available, try the resources listed above.

Why have computer viruses become an Internet security threat?

Before the advent of millions of systems attaching to the Internet, the most common goal of computer virus developers was to impact the operation of target systems and their networks. Today, however, virus supported software delivered via email or security exploits via the Net often support cyber crime including:

Intrusion where hackers gain access to virus infected machines
Identity theft
Denial of Service attacks
Organization Espionage and the theft of Intellectual Property
Information warfare where cyber events complicate physical events
Although common security technologies such as firewalls protect the flow of traffic from the Internet into individually attached machines and networks, there are often few restrictions placed on the flow of information from systems to the Internet. Since a virus can deliver software that can execute and remain resident on Windows, Macintosh and other systems that support multiple program operation, then infected computers can provide resources that use networking to accomplish the bidding of the hacker. An insidious issue is that this activity is often unknown to system owners and administrators.

A growing concern is 3rd party attacks where infected machines may not only damage those systems at a target individual or organization, but also affect operation of remote computers at another organization. If substantial damages result, civil suites may ensue between the target and remote organizations.

Please contact Cloudsmart for more information about its managed services which includes best in class Antivirus protection and content filtering.

What is private address space as recommended by the Internet Assigned Numbers Authority (IANA)?

The following has been extracted from RFC 1918. The full text is available at the Internet Engineering Task Force (IETF) RFC Page at:

http://www.ietf.org/rfc.html

The Internet Assigned Numbers Authority (IANA) has reserved the following

three blocks of the IP address space for private internets:

10.0.0.0 – 10.255.255.255 (10/8 prefix)

172.16.0.0 – 172.31.255.255 (172.16/12 prefix)

192.168.0.0 – 192.168.255.255 (192.168/16 prefix)

We will refer to the first block as “24-bit block”, the second as “20-bit

block”, and to the third as “16-bit” block. Note that (in pre-CIDR

notation) the first block is nothing but a single class A network number,

while the second block is a set of 16 contiguous class B network numbers,

and third block is a set of 256 contiguous class C network numbers.

What are URL spoofs and why/how do they present a threat to my identity.

Identity theft and credit card fraud are a growing concern on the Internet.

A common exploit is requesting personal and financial (credit card) information via emails with spoofed and or obfuscated domain names. For example, unsuspecting users receive an email purporting to be a service such as Paypal requesting updated information. In one case, the email may link to a site such as www.paypa1.com where that is a one (1) and not an el (l). Another example is a link to an ip address and not a fully qualified name. Once the link is made, the site often requests personal information such as social security and or credit card numbers.

In order to protect your identity, be sure to use your browser with the actual domain name, for example, www.paypal.com where that is an el (l). When ever you are to enter information, check to be sure you are on a secure site. The url listed on your browser will have https:// and not http://. If you go to a secure site, and you receive messages about a possible security issue from your browser, do not continue at least for entering personal information.

Does Cloudsmart patch its servers and if so what is the procedure?

Yes.

Cloudsmart administrators actively monitor various security services and OS manufacturers such as Microsoft for information on software vulnerabilities, logic defects and patches. Each notice is evaluated and if its determined that the patches are applicable to Cloudsmart’s environment, they are then applied.

Cloudsmart administrators automatically apply patches ASAP to all Cloudsmart managed servers. These include shared and dedicated servers. Some servers are patched by their customer designated administrators. Cloudsmart issues email alerts about vulnerabilities and patching scenarios to customers and/or their designated patch administrators during the patching session.

Cloudsmart administrators apply patches to non critical servers for testing purposes before rolling the patches to production systems.

What is spyware and ransomeware, is it dangerous and what can I do about it?

Spyware is a class of software that is used often without knowledge of the end user to mine information.

Ransomeware is a class of software that hijacks user data, encrypts it and requires payment to malicious ecosystems to unlock your data. This includes but is not limited to Word and Excel documents, pictures, databases and other business critical data.

Adware is a term for the use of cookies and other software components to report activity at WEB sites. Cookies are small pieces of information stored on client machines that can be accessed by WEB sites. Although normally innocuous, machines can become cluttered with unneeded and often unwanted information associated with cookies.

Keyboard loggers can be very dangerous. These can report information including user names and passwords for sensitive locations such as on line banking sites.

Popups can be a nuisance and in severe cases can slow or halt operation of machines when the Internet Browser is launched.

These and other similar programs are often installed through email attachments and WEB browsers. Sometimes, unsuspecting users will subscribe to a free service such as Internet Games not realizing that advertising and other activities may be associated with the services.

Ask us how our managed services can protect you from malicious threats.