seeing patterns where there may be none

Here’s a peculiar thing – well, three peculiar things:

  1. I wrote here about needing to learn additional mail admin knowledge in Postfix, specifically around learning how to delete an email account
  2. I wrote here about one email account I was hosting, that received a metric fuckton of spam
  3. I wrote here about a significant number of unsuccessful probes the mailserver was receiving

The first two items were about one email account attached to one hosted domain.

Well, after several days of internet fishing, I couldn’t find any help on how to delete an email account in Postfix.

So what I did was migrate the hosted domain (and therefore the associated email account) back to GoDaddy.

Then I deleted that email account there – because GoDaddy’s email control panel is simple, and easy to manage.

Within 48 hours, back on the NAS, all spam had dried up.

And, coincidentally (?) all probes to the MailServer had dried up too.

I would expect all spam to dry up, because the mx records for that domain now point to a server in Arizona, not my server here in Warwickshire. Deleting that email account is neither here nor there; that website is now under the administrative control of GoDaddy.

But all unwelcome probes/hack attempts drying up within the same timescale?

Well that’s just weird.

hosting a domain on a synology diskstation

There are two environments that need attention, when hosting a domain on a Synology Diskstation:

  1. Virtual Host (which organises the location of the files that your website is built out of), and
  2. DNS Server (which controls the Zone File that points web browsers at your website)

First of all, to configure your Virtual Host for your new website (which we will call

Web Services -> Web Applications -> Virtual Host:

  • subfolder = example (without TLD suffix)
  • hostname = (with full TLD suffix)
  • OK

Now to configure your DNS Server and the Zone File:

Downloaded Packages -> DNS Server -> Zones:

  • Create Master Zone
    • Domain Type: Forward Zone
    • Domain Name:
    • Master DNS Server: static IP address
    • Serial format: Integer
    • OK
  • Edit Resource Record
    • Create:
    • MX Type
    • Name: mx
    • TTL: default
    • Priority: 10
    • Host/domain:
  • Create:
    • MX Type
    • Name: (leave blank this time)
    • TTL: default
    • Priority: 20
    • Host/domain:
  • Create:
    • CNAME
    • Name: (leave blank)
    • TTL: default
    • Canonical Name:
  • Create:
    • A Type
    • Name: (leave blank)
    • TTL: default
    • IP address: static IP address
  • Finish

And you’re done.

Email config is a separate thing. You need to follow these instructions for that.

ghost / node.js

so it seems that to run ghost i have to download, install and configure node.js?


so much for the simple life

i’m getting the tar.gz for node.js, and downloading the ghost package

but it looks like there’s a lot of reading to be done before i get ghost up and running

this seems like a lot of effort just to look at a new product

but i’ll stick with it


as time allows

being probed/attempted hacks

The NAS has been getting a significant amount of hack attempts, since I enabled the MailServer functionality.

About 10-15 times in a 24-hour period, people (or, to be more accurate, things, because these probes are probably automated) attempts to log on to the root of MailServer as the primary user.

I guess that the bots that trawl the internet looking for open ports probed for, and found, the open port 25 (MailServer port) against the static IP address that the NAS uses.

My first line of defence was to implement a ‘three strikes and you’re out’ security policy. This will ban, for life, the IP address of anyone who unsuccessfully attempts to log on to the NAS three times.

My second line of defence was to set each NAS account and each email account with a new, digitally-encoded password, that meets GCHQ encryption standards.

I did check out the first couple of dozen IP addresses, but the only thing I learned was that invariably they were based in China.

It amused me that the Chinese Government (hacking community? – what’s the difference between the two?) would be so keen to get their hands on my priceless collection of unsigned music.

Or the many thousands of amusing Garfield strips that I keep, for some reason.

Or the entire second series of Outnumbered that I’ve never quite got around to deleting.

Or my porn.


So I have implemented two lines of defence: three strikes and you’re out for life, and all passwords set to a very high standard.

Is there anything else I can add?

Bear in mind we are only talking about probes to the MailServer – an application on the NAS – not probes to the NAS itself.


The email account that is the object of all the email admin I’m looking at is getting hammered with spam.

It’s an old email account, the email address has been around the internet for a decade or so and it has been very public, so it’s not a big surprise that it’s getting spammed.

Over 99% of the spam comes from spoof email addresses (from hacked MailServers, I’m guessing) that begin ‘canada.medic@’.

I set a management rule in MailServer to discard any incoming traffic from all email addresses originating from ‘canada.medic’ attached to any domain name.

That did the trick.

The incoming traffic showed up on MailServer as incoming mail, but nothing was delivered to the incoming mailbox/email account.


more mail admin: deleting email accounts

It looks like that, in order to delete/remove existing email accounts in the NAS I need to get down and dirty with some command line action.

I enabled Telnet and opened the appropriate port in the NAS firewall, and had a poke about /var/etc/packages/MailServer/ and everything looks like I’d expect it to.

But the more information I read, the more questions remain unanswered.

Do I need to remove the email account from MailServer?

Or do I need to remove the email account from the associated Dovecot package?

Or do I need to remove the email account from both?


I need to read even more, obv.

downing and upping


A couple of nights ago I migrated another – very light traffic – website on to the NAS.

The only reason I did this was to document, in bullet-points, the process.

I’ll post the process on to the Synology Forums, because the step-by-step documentation for the Diskstation is pretty scant (and next to meaningless).

I’ve just updated phpMyAdmin (being a firm believer in keeping products up to date).

But I think that I’m just about done with hosting on the NAS.

I think it’s time to up my game.

My next step is to get the racked servers installed, configured, and get CentOS and some RAID products spread across the hard-disks.


Time to up my game.

I’m going to down the NAS tonight.

Just a simple down.

But I have an eye on that phpMyAdmin upgrade I implemented earlier, and I’d like to bed it in properly with a cold start.

I’m just an oldschool Unix nerd, huh?


So, downing the NAS in an orderly fashion and bringing it back up delivered no discernible difference.

All services successfully restarted themselves, the four websites, php instances, MySQL databases and mailserver profiles all mounted correctly.

CPU is at 2%, RAM is at 30%

It’s all a bit anticlimactic really.

But also…

Very good.

practising hosting/email; aiming for a hosting metric

This evening I migrated my primary (top level domain) website and the associated blog from the established hosting servers in Arizona to my NAS.

This was slightly more complex than anything I’ve attempted before; each set of content (TLD and subdomain) runs against their own MySQL databases. I debated amalgamating both in to one database, but eventually decided to keep the products apart.

I also set up an associated email account for that self-hosted domain.

The aim of this migration is to act as a crude stress testing/load measuring exercise. I want to know what kind of volumes of internet traffic the NAS can comfortably handle.

The only snag I hit along the way was a temporary memory lapse where my brain melted, when I  couldn’t get the DNS to resolve to the content.

I took my mind offline for an hour and then it came to me, that I hadn’t configured the virtual hosts file.

Three minutes of VH config and hey presto, both the website and the subdomain were up and running.

Then I configured the associated email account for the domain in my phone and yep, that worked first time.

Maybe I should document all these things in bullet points?

But I’m turning out the light now, feeling a little bit smug.

moving house, forwarding ports and ISP garbage


I moved house from down there to up here. My ISP (Plusnet) said I’d have the same FTTC broadband service up here that I had down there. Except they were sooo not right about that. And the fallout/issues that ran out of me having to step down in my broadband to ADSL from the FTTC service I used to have in my former house, were… pretty massive.

However, we live and learn (or we’ve stopped living)…

Because of the degraded broadband service (and yes, stepping down from 80Mb/s download and 20Mb/s upload FTTC, to 5.3Mb/s download and 0.3Mb/s upload is a huge degrade in service!) I had to change modems.

And that meant having to learn how to configure port forwarding on a Technicolor TG582n.

It wasn’t, frankly, without its issues. And those issues came with a steep learning curve – and, together with Plusnet’s less-than-shiny internet provision, kept this little website offline for almost three weeks.

I’ve only just figured out (because what documentation?) that the port forwarding config file needed a from and a to port range – even if you only want to open just one port (which is what I have been trying to figure out how to do). That’s a bit bonkers, in a very twisted kind of logicish sort of way.

Anyway, I worked it out and now we’re back online.

The port forwarding issues, the router swap issues, the steep learning curve issues and the two week broadband outage courtesy of my ISP (while Plusnet unknotted their knickers and eventually delivered some kind of a – degraded – service), all combined to keep me away from the next project that was on my list…

Domain-related email!

That’ll come soon.

Oh yes.

The other thing to note is that I went on eBay and bought an HP server for £19.99p.

It has 4x hard-disks fitted, none are a decent size by today’s standards, but it does have a significant amount of RAM (ten times that of my NAS). And for less than £20 I think it will do as the first real base server for my experimenting/learning, when I need to migrate the self-hosting environment off my NAS on to something more scopey.

And that means getting something like CentOS and learning how to install and configure that.

I seem to be in geek heaven right now.