Category: IT

[Update] Gmail Account Suspended After Adding POP3 Imported Account

Just a quick update on my previous post with this problem.

I eventually managed to get all of the accounts setup fine, however, every damn one of them got suspended in the process. I found a way around that though.

As long as you setup the POP3 import and leave the box UNCHECKED for “leave a copy of retrieved messages on the server”, you will then receive a email on your previous email system indicating that the account is suspended, and most importantly, some directions to appeal this decision.

After having a human at Gmail manually unsuspend the first two problem accounts for me (roughly 8 hours after submitting the appeal), the other 4 accounts were automatically unsuspended as soon as I submitted the appeal request which allowed me to continue setting up the accounts.

So from what I have learned here, the reason for suspension is completely unknown but is NOT for breach of terms and conditions (which I have thoroughly read every single word to make sure), And if this is happening to several different accounts, once the first couple are reviewed by staff at Google, I guess they whitelist your IP address or similar to have the others automatically resolved when you appeal it.

[ONGOING] Gmail Account Suspended After Adding POP3 Imported Account

I was recently tasked with setting up a handful of Gmail accounts for a company, creating the accounts worked fine as expected, but when trying to add their business email address as a POP3 import/send as address I have been facing some issues where the accounts are becoming suspended and at risk of deletion. Gmail’s reasoning for this? Apparently “Terms of Service Violation”. I have thoroughly read through the several pages of their Terms of Service, and there is not one rule within that, that we are breaking here.

To make matters even worse, I chose not to leave a copy of imported messages on the server (to free up mailbox space on the POP3 server) which means that all emails from the company address have been sucked up into Gmail and are being held at ransom, if I can’t get Gmail to unsuspend those accounts, the thousands of business emails will be gone for good.

My findings so far:

  • I am able to setup a account import from a POP3 account easily, it imports the messages fine, no problems at all there.
  • However, when setting up “send mail as” for this address, as soon as Gmail sends out the verification email to the address it is causing the Gmail account to immediately logout and state that it has been suspended. This is reflected by a email from Google sent to the recovery email address for the account stating that one can appeal the decision and wait for a response from their staff.

Of course this is very inconvenient and nerve wracking to think that crucial business emails are at risk of deletion, not to mention the downtime that it is causing for the users in question who are unable to deal with their emails in the meantime. I’m unsure what could be triggering this but presumably this is some sort of anti-spam measure. However, this is not a suitable way for Gmail to deal with the problem. Ideally, they should show a captcha or similar instead in a situation like this.

The Gmail accounts have been phone verified already, but for the first two accounts I was able to successfully appeal to Google, thankfully were reinstated after waiting about 10 hours for them to review the issue. I was then prompted to re-verify the phone number again when logging into the account again.

I have reached out to @gmail on Twitter to find out more, I won’t hold my breath but hopefully they will come back with some suitable answers and maybe even a change in their procedures to prevent this from happening again.

[FIX] Samsung Series 5 550 Chromebook, Linux Mint 18 / Ubuntu Xenial Not Refreshing Wireless Networks After Resume

After recently installing Linux Mint 18 on my Samsung Series 5 550 Chromebook, I noticed that after a system standby/resume, my wireless network list was not refreshing or connecting to networks if in a new location (for example, suspending the system at home, then resuming when at work it would not find new networks).

The following fix was found to work fine for me, credit goes to Ubuntu Forums here.

Apparently this is common for Broadcom wireless cards, mine however was a Atheros 93xx card:

rob@chromebook ~ $ lspci | grep -i wireless
01:00.0 Network controller: Qualcomm Atheros AR93xx Wireless Network Adapter (rev 01)

The fix was to create a new file:

sudo nano /etc/pm/sleep.d/10_restart-networkmanager

Paste the following into it:
#!/bin/sh
case "$1" in
resume|thaw)
service network-manager restart
;;
suspend|hibernate)
# Do nothing
;;
esac

Make sure root is the owner of the file:
sudo chown root /etc/pm/sleep.d/10_restart-networkmanager

And make the file executable:
sudo chmod +x /etc/pm/sleep.d/10_restart-networkmanager

Once done, reboot the laptop and you should then be able to suspend and resume the system without problems, upon resume, it will restart network-manager to work around the issue.

[Fix] Fallout 4 PC – Keyboard & Mouse Not Working – Logitech

Yesterday I started playing the Fallout 4 PC game. I was confronted with an issue right at the beginning of the game on the screen that says “Press any key to start” where no keys were detected so I couldn’t begin the game.

After some extensive searching, almost all answers were related to having a game pad or controller plugged into the computer, and the fix was to unplug it before starting the game or use the controller to go into the game settings and disable it. For me, this was not the case, I do not have a game pad or controller on my PC.

Eventually I figured out that it was the software for my Logitech G19 keyboard that was being falsely detected by the game as a controller. Unplugging the keyboard did not make a difference, but if I completely exit the Logitech Gaming Software before starting the game it worked flawlessly. I could then begin the game, and go into the game option screen to disable controller support. Once that has been done, you can run the Logitech Gaming Software again without it interfering with the game. You can still use the macros and hotkeys of your Logitech device after this.

As I couldn’t find any mention of this being the cause of the error, I thought I’d publish this post to help others.

Fix for Sony Smart Band SWR10 Not Tracking Sleep/Activity Data

I’ve had my Sony SWR10 Smart Band for some time now and it’s been great and so useful, especially the ‘Smart Wake Up’ alarm feature which I use all the time.

A couple of times I have run into an issue where the smart band stops tracking activity data including when asleep, which prevents the smart alarm feature from working.

I did contact Sony about this some time ago and arranged to return it for repair/replacement but I never got round to sending it off, a few weeks back I found it again and thought I would give it another go and surprisingly I found that it was working fine again so I started using it.

After about two weeks the same happened again and it stopped tracking activity data. After various troubleshooting methods I have worked out that the battery within it needs to be totally discharged to force it to turn off completely, then once recharged, it will work again just fine. There’s no easy way to discharge the battery sadly and it’s very much a waiting game, I tend to leave it for a week without using or charging it which in my case is usually enough to resolve the issue. It’s very much an inconvenience being stuck without it for such a long time when this happens but it’s the only way I know of.

This may not work in all situations but for me, it has worked perfectly 3 times now to resolve the issue of not tracking activity data.

pfSense 2.2.6 Compatibility/Installation of ASRock Q1900-ITX Motherboard

I was expecting this to be a walk in the park but alas it wasn’t as simple as I’d hoped.

I originally intended to install pfSense to a mPCIe-based SSD as the motherboard has got a slot, but sadly this motherboard only supports wifi/cellular cards in this port so presumably the motherboard only has the USB pins on the slot connected and not the PCIe/mSATA pins. Save yourself the effort here and go for a SATA hard drive or SSD instead, it wasn’t worth troubleshooting or fighting with it for me.

My specs:

  • ASRock Q1900-ITX (for what it’s worth, I believe the Q1900DC-ITX is identical apart from having a built in DC PSU instead of the usual ATX).
  • Integral Value 2x 2GB DDR3-1600 RAM
  • Broadcom 10/100/1000 NIC (unknown model, I’ll try and add details later).
  • OCZ Agility 3 60GB SSD
  • 80W DC-DC PicoPSU with 12V 5A power brick

I tried to install pfSense 2.2.6 to this motherboard originally using default settings, with BIOS version 1.6.0 from ASRock. This failed with AHCI Timeout errors when trying to format my SSD.

After finding this post for a very similar motherboard made by Gigabyte, I started playing around more in BIOS.

I then went through the BIOS and disabled any devices that won’t be required for this installation, such as serial/parallel ports, HDMI audio, PXE boot, onboard audio, WAN radio (wifi/cellular card if you’re not using them). I also made some other minor changes such as setting the default graphics card to onboard instead of the default PCIe. SATA controllers are set to AHCI mode, Secure Boot and Fast Boot is disabled, S.M.A.R.T is enabled. Everything under ACPI Configuration is disabled apart from HPET, disabled everything under CSM (Compatibility Support Module).

After making these changes, it installed fine. Interestingly, I did try reverting back to the default BIOS values to try and work out which setting was causing the problem, I believe it is related to Intel C-States but I cannot be sure without getting another clean hard drive to test it on. It seems, that once the BSD boot loader has already been written to the drive, subsequent reinstallations go through fine without any errors at all.

If you’re using an SSD, it’s worthwhile enabling TRIM to prolong the life of it, I used this guide which worked perfectly.

After all of this, I’ve successfully got pfSense 2.2.6 full install up and running on the ASRock Q1900-ITX motherboard.

 

Fix for Windows 10 Start Menu and Settings/Wifi/Volume Screens Not Working

Recently I encountered an issue where the Start menu, along with the wifi, volume and control panel screens would not open on Windows 10.

After a lot of searching I discovered the following four fixes which may resolve the problem.

1. Microsoft troubleshooter

Microsoft is aware of an issue relating to the start menu and settings screens, they have created a troubleshooter and fix for this issue, however in my case it did not detect the problem but it’s worth a try anyway, you can download it here.

2. Reset/re-register some control panel files

This will attempt to repair some settings and files related to the control panel.

Press Win + X on your keyboard to bring up the menu, click “Command Prompt (Admin)” and copy/paste the following:

powershell -ExecutionPolicy Unrestricted Add-AppxPackage -DisableDevelopmentMode -Register $Env:SystemRoot\ImmersiveControlPanel\AppxManifest.xml "

Press Enter and wait, it doesn’t seem to specifically tell you how far it has progressed or when it has finished but I would suggest waiting 20 minutes.

3. Reinstall default windows apps

This will attempt to reinstall all the standard Windows apps like the Store, Windows update, Control panel etc.

Press Win + X on your keyboard to bring up the menu, click “Command Prompt (Admin)” and copy/paste the following:

powershell Get-AppXPackage -AllUsers | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}

Press Enter and wait. Like the above fix it does not tell you how far it has progressed or when it has completed but as it needs to do a lot of work I would suggest leaving it running for about an hour.

4. System File Checker

Out of all the fixes this one takes the longest so I have listed it last so you can try some of the quicker ones above first. This will check each and every Windows system file to make sure it is present and not corrupted. It will repair/replace any files which are causing problems.

Press Win + X on your keyboard to bring up the menu, click “Command Prompt (Admin)” and copy/paste the following:

sfc /scannow

Press Enter and let it do it’s thing. It can take anywhere from 30 minutes to over an hour in some cases but it will show the progress and tell you when it has finished.

 

After you have tried each fix above, restart your computer (press Win + X to bring up the menu which shows the shutdown/restart buttons if your start menu is not working) and hopefully one of these will have resolved your problem. Let me know in the comments if it worked for you and if you still have problems afterwards I’ll do my best to help.

Using ESXi Customizer on Windows 10

I recently required the use of ESXi Customizer to integrate some NIC drivers into my ESXi 5.5 ISO.

Having never used it before, I was surprised to see that it was not compatible with Windows 10 but as the script is now unsupported, I understand why. I’m no programmer but it states that it is supported on Windows 8 and 8.1 so 10 should be similar enough to work so I got cracking to disable the compatibility checks and see if I could make use of it.

Once you’ve downloaded and extracted ESXi Customizer, you’ll have a bunch of files in a folder. The file we are looking for is called ESXI-Customizer.cmd and you need to open that in a text editor such as Notepad, you should be able to right-click it and choose ‘Edit’ to do this.

Then you need to find and remove the following lines:

if /I "%1"=="silent" goto :eof
if "!WinVer!"=="5.0" call :logCons --- INFO: Running on Windows 2000. What?!
if "!WinVer!"=="5.1" call :logCons --- INFO: Running on Windows XP.
if "!WinVer!"=="5.2" call :logCons --- INFO: Running on Windows Server 2003.
if "!WinVer!"=="6.0" call :logCons --- INFO: Running on Windows Vista or Server 2008.
if "!WinVer!"=="6.1" call :logCons --- INFO: Running on Windows 7 or Server 2008 R2.
if "!WinVer!"=="6.2" call :logCons --- INFO: Running on Windows 8 or Server 2012.
if "!WinVer!"=="6.3" call :logCons --- INFO: Running on Windows 8.1 or Server 2012 R2.
if "!WinVer!" GTR "6.3" call :logCons --- WARNING: Running on a Windows newer than 8.1 / 2012 R2. Don't know if this will work ...
if "!WinVer!" LSS "5.1" call :earlyFatal Unsupported Windows Version: !WinVer!. At least Windows XP is required & exit /b 1
if "!WinVer!" NEQ "6.1" call :logCons --- WARNING: Your Windows version is supported for customizing ESXi 5.x, but not ESXi 4.1.

And save the file. Now, you can run it and use the program as needed and it will open and run on Windows 10. I wouldn’t recommend using this for anything mission-critical as I can’t guarantee there aren’t any bugs with running it on an unsupported system but for me it worked fine and the resulting ISO worked perfectly.

Securing VMWare ESXi on a Dedicated/Root Server with a Single IP Address, Single NIC

Before I start, I’ll say that the title above is misleading. It is not, to the best of my knowledge possible to run ESXi along with routing for your VMs on a single IP address but when I was researching the possibilities I found it extremely difficult to find information on this so this may help other users in a similar situation to find this post.

This post assumes that you have your dedicated server up and running with a version of VMWare ESXi, I chose version 5.5 but it should apply to other versions as well.

Start by creating a VM suitable for a firewall or router operating system, I highly recommend pfSense as it has a huge feature set, it’s free and easy to use. For my VM, I created this with 2GM RAM (overkill for my use but this server has a ton of RAM in it so…), 2  NICs, a 64GB virtual hard drive and 2 CPU cores which again is overkill for my use but why not…

I found the best way to install it is to upload the ISO to your ESXi datastore before installing it as I had issues when mounting it through vSphere client. Run through the installation as you normally would, the options are pretty self explanatory. Once you’ve done that and rebooted the VM you’re ready to start setting it up.

From vSphere, start by heading to the Configuration section for your server, then the Networking section. You will want to create a new vKernel with a private IP range, e.g. 192.168.100.1, enable this for management access as well and leave the current gateway IP address as it is for now, and within that a new vSwitch for your VMs to connect to. Assign one of your pfSense NICs to the original vSwitch, and the other to your newly created private vSwitch. Then, head over to your pfSense VM console and use the menu to assign the interfaces appropriately, for the WAN NIC you should assign the second public IP that your host has provided. (If you haven’t already, and if it applies to you, make sure your pfSense VM has the correct MAC address configured for the IP address that you were provided with). Then if necessary, you can also change the LAN IP range from this same menu if the vKernel you made is different to the default for pfSense.

Next, you’ll need another VM running to make life easier with the rest of it. I chose to setup a basic Windows 7 install (again, uploading the ISO to the datastore first will save a ton of headaches) and attach the NIC of this VM to your private vSwitch. If all has gone to plan you should immediately be able to access the internet from this VM and more importantly, the pfSense Web Interface. So go ahead and login to that, the default username is ‘admin’ and password is ‘pfsense’. It’s a good idea to setup a remote access software of some kind so if you lock yourself out of vSphere, you can still access this VM to correct any issues, TeamViewer is a good option here.

Then, you will want to achieve something like this eventually:

Once you have got vSphere management and remote access to your Windows VM, you’re now ready to change your gateway settings on ESXi to remove it’s public IP address. Go into the properties for your second vKernel and find the IP address settings, click Edit next to the gateway address and change it to the internal IP address of your pfSense firewall. If all goes to plan you will temporarily lose access to vSphere. Then, login to your remote access and load up vSphere there, go into the properties of the original vSwitch and remove the management network options from it. That should then release the IP address and block external access to your ESXi host so for the moment you are limited to managing the host through the Windows VM.

If you require external management for the system, you can login again to pfSense and configure port forwarding rules and IP restrictions to allow management over your second public IP. I chose to setup a OpenVPN bridge to my home network so all VMs were accessible from my home network as well which is perfect for my use.

The only downside to all of this is that if for some reason your pfSense VM ever fails to boot, you’ve then got very little way of managing the ESXi host to correct the problem. My host, Hetzner, offers an IP-KVM service to give me BIOS-level access to the server which I hope will be adequate to fix any future issues should they arise.

Disclaimer: This solution may not be best practice or reliable, and I’m not an IT security expert but I believe the solution I have detailed here is secure enough to protect your server. However I cannot be held responsible if you do suffer a security breach as a result of following these instructions.

Do hit me up in the comments if you require assistance or would like to ask any further questions.

Cheap Dedicated Servers from Hetzner

After looking to upgrade my home IT infrastructure which is getting a bit of a headache to maintain, a friend of mine from #sh-hackspace recommended the folks at Hetzner for an affordable dedicated server, normally I would have shied away from such a solution due to the cost but in this case Hetzner really did seem to offer some great prices for a high spec server. They have a ‘Serverbidding’ system which is a Dutch auction (where the price goes down over time until someone buys it) where they have all their previously used servers up for grabs. Most of which are very affordable and high spec especially for such a low price.

So I took the plunge and decided on an i7-3770 server with 32GB RAM and 2x 3TB hard drives all for around 30 Euros a month, which equates to about £22 a month. It was a no brainer. After some initial problems with registering where they must have thought I was a suspicious character and rejected my order after providing my ID (which is a requirement for your first order with them), I had a little moan on their Facebook page and got everything worked out.

I have to say this system is impressive. So far I have installed VMWare ESXi 5.5 on the box so I can migrate some of my home virtual machines to it, and still have a ton of headroom on top of that to experiment with new things. Firstly this involved customizing the installation ISO to include Realtek NIC drivers to support the server (more on that in a future post). Hetzner do offer different NICs at additional cost, which works out around £9 a month for their ‘Flexi Pack’ which is required for all hardware upgrades, along with the price of the NIC itself which is around £18, I could have gone down this route but as it’s mostly for hobby use and I didn’t need official support, it wouldn’t have been cost effective. Hetzner also provide free use of their IP-KVM system for up to 3 hours to allow BIOS-level control of the server and with this, it also allows you to install a custom OS such as ESXi from my modified ISO file.

I did have to order an additional IP address though to use ESXi effectively on the server as the server itself requires a public IP (of which one is included with it) but then you also have to route all traffic from virtual machines through another one. I choose to go with pfSense as the firewall/router OS of choice as I’ve used it for many years at home and I am familiar with it. So I installed this and configured the MAC address of the pfSense VM to the one provided by Hetzner for the additional IP address, then it was just a case of setting up the interfaces in pfSense and I was ready to go.

There are some security considerations that cannot be ignored when running ESXi on a publicly-accessible server. Basically, it’s not designed to be. There are limited firewall options within the configuration but by default everything is open to the world, I will detail in my next post how I configured my server to be secure in this respect.