We are aware of an issue with the SMTP service on Array1 and are looking in to the problem.
A temporary service suspension has been placed on inbound and outbound SMTP and IMAP services.
Inbound Emails are being queued. We will update as we know more.
**UPDATE 01 @ 13:33**
Upon investigation, we found the SMTP connectors to be at 30% load processing over 2,000 emails a second. We have disabled the SMTP connector to enable us to flush the queue. We are monitoring the service however it is now back online.
**UPDATE 02 @ 14:01**
We have observed further high usage on the SMTP connectors and are now looking in to the originating traffic.
**UPDATE 03 @ 14:40**
Traffic analysis and a review of the SMTP logs flagged that an email account had been compromised. This account has been disabled. Email flow and services have returned to normal. We will however contunie to monitor.
**UPDATE 04 @ 16:51**
The platform has remained stable, however we have noted a few temporary blacklisting’s of the servers external facing IPs. We have taken action to clear these blocks from mainstream listings, however there are still some temporary bans in place that we are unable to clear and will automatically revoke within 24 hours. This may affect the sending of emails to some systems who reference to these databases.
**UPDATE 05 @ 23:41**
The platform has continued to remain stable and will be closing this incident down in the next 24 hours. In light of the issues seen today we have implemented further security checks upon connecting to help prevent this happerning again.
Adational monitoring will also be out in place to alert on higher procress / service demand. This will alow us to respond faster to any potential future problems.
**UPDATE 06 FINAL @ 16:53 – 27/05**
The SMTP platform has been removed from all visible blacklists. This incident is now closed.