How do I fix my gmail server error?
August 14, 2008 7:10 AM Subscribe
I'm getting an error about half the times I try to log into gmail. The error goes away if I reset my computer. The error says "The requested URL /mail/ was not found on this server. Apache/2.2.2 (Fedora) Server at mail.google.com Port 80" I'm using ethernet to connect, and I only get this error at home (I'm on a MacBook Pro.) How can I fix that?
This sounds dodgy. Google's official 404 page does not look like that, it looks like:
Not Found
The requested URL /notfound/ was not found on this server.
That's it.... there is no "Apache/2.2.2 etc" tag on there... I know you say you're on a MacBook Pro so that would seem to eliminate spyware... unless you are running Bootcamp to Windows?
posted by jon4009 at 7:48 AM on August 14, 2008
Not Found
The requested URL /notfound/ was not found on this server.
That's it.... there is no "Apache/2.2.2 etc" tag on there... I know you say you're on a MacBook Pro so that would seem to eliminate spyware... unless you are running Bootcamp to Windows?
posted by jon4009 at 7:48 AM on August 14, 2008
Response by poster: I think it has more to do with my Internet Service Provider than gmail, because I can use gmail at work just fine. I'm not running bootcamp to Windows, but I'll try the secure URL.
posted by melodykramer at 8:25 AM on August 14, 2008
posted by melodykramer at 8:25 AM on August 14, 2008
Do you have to connect through the web to a proxy? It might be broken. Are you sure that your ISP's DNS servers can be trusted? They might be compromised, and you might not be going to GMail after all.
posted by mkb at 8:55 AM on August 14, 2008
posted by mkb at 8:55 AM on August 14, 2008
Can you find the IP address of mail.google.com as reported by your DNS servers using this technique? If so, please post. As some posters have already stated, this could be dodgy.
posted by rocketpup at 9:10 AM on August 14, 2008
posted by rocketpup at 9:10 AM on August 14, 2008
Agreeing that this sounds dodgy. mail.google.com does not run Apache/2.2.2. It runs "GFE/1.3," and it doesn't generate a stock Apache 404.
I'd be very curious to see what you get for mail.google.com's IP. If you're handy in the OS X Terminal, you can just use "dig" (I think it's standard on OS X?), or even just "ping" (which will show the IP). Google does operate a bunch of data centers, so there isn't any one IP that Google that should be, but you might try looking up whatever IP you get with ARIN. I get 74.125.47.83, for example, and if I paste that IP into the box for whois, it shows that Google owns it.
Maybe a broken proxy server is to blame, but I'd note that proxy servers don't run Apache (well, they could, but Apache isn't a proxy server), and proxy servers shouldn't be configured with a hostname of mail.google.com.
posted by fogster at 10:13 AM on August 14, 2008
I'd be very curious to see what you get for mail.google.com's IP. If you're handy in the OS X Terminal, you can just use "dig" (I think it's standard on OS X?), or even just "ping" (which will show the IP). Google does operate a bunch of data centers, so there isn't any one IP that Google that should be, but you might try looking up whatever IP you get with ARIN. I get 74.125.47.83, for example, and if I paste that IP into the box for whois, it shows that Google owns it.
Maybe a broken proxy server is to blame, but I'd note that proxy servers don't run Apache (well, they could, but Apache isn't a proxy server), and proxy servers shouldn't be configured with a hostname of mail.google.com.
posted by fogster at 10:13 AM on August 14, 2008
Fogster: Yeah, nslookup reports several IP addresses for GMail. Every time I query a different set is provided. So far all of those IP addresses have show up as being owned by Google at ARIN. So any IP address where this is not the case would be telling. IANANA (Network Administrator) but seeing a server running "Apache/2.2.2 (Fedora)" and claiming to be mail.google.com suggests to me that somebody successfully poisoned a DNS cache but failed to properly configure their host.
posted by rocketpup at 10:21 AM on August 14, 2008
posted by rocketpup at 10:21 AM on August 14, 2008
Response by poster: I will post it as soon as I get home. Thanks for showing me how, fogster.
posted by melodykramer at 10:37 AM on August 14, 2008
posted by melodykramer at 10:37 AM on August 14, 2008
Best answer: Though I do find it odd that a reboot would fix anything if that were the case. If it's a 'bad' DNS server giving rogue IPs, a reboot should give you the same 'bad' DNS server which would give you the same rogue IP, no?
It might not hurt, BTW, to change your password while you're at work, just in case. It does sound like something suspicious may be afoot, though it also sounds like they've failed at it if that's the case.
(BTW, flabdablet's suggestion to use HTTPS instead of HTTP (a secure link) is a good one, just as general advice. However, I do want to caution that HTTPS isn't a total guarantee of safety, just that your communications with that server will be encrypted. The system technically checks to see that the site has a 'valid' security certificate, and that it's for the domain it claims to be, but the system can and has been fooled, and if your computer already thinks 'mail.google.com' is something else, they're halfway there. So make a habit of using https:// for GMail, but don't ever fall into the trap of thinking that it absolutely, positively means nothing is wrong.)
posted by fogster at 12:55 PM on August 14, 2008
It might not hurt, BTW, to change your password while you're at work, just in case. It does sound like something suspicious may be afoot, though it also sounds like they've failed at it if that's the case.
(BTW, flabdablet's suggestion to use HTTPS instead of HTTP (a secure link) is a good one, just as general advice. However, I do want to caution that HTTPS isn't a total guarantee of safety, just that your communications with that server will be encrypted. The system technically checks to see that the site has a 'valid' security certificate, and that it's for the domain it claims to be, but the system can and has been fooled, and if your computer already thinks 'mail.google.com' is something else, they're halfway there. So make a habit of using https:// for GMail, but don't ever fall into the trap of thinking that it absolutely, positively means nothing is wrong.)
posted by fogster at 12:55 PM on August 14, 2008
Though I do find it odd that a reboot would fix anything if that were the case. If it's a 'bad' DNS server giving rogue IPs, a reboot should give you the same 'bad' DNS server which would give you the same rogue IP, no?
Yes fogster, I agree. But I'm having trouble thinking of any scenario where a 404 error delivered by a server would be fixed by rebooting the client. A lot if stuff happens when you reboot a client though. Maybe it's DNS or maybe it's a proxy issue or some other ill conceived stuff going on in the bowels of her ISP.
The error and other facts seem to indicate, however, that when attempting to get to GMail's servers, she is somehow ending up somewhere else.
posted by rocketpup at 1:53 PM on August 14, 2008
Yes fogster, I agree. But I'm having trouble thinking of any scenario where a 404 error delivered by a server would be fixed by rebooting the client. A lot if stuff happens when you reboot a client though. Maybe it's DNS or maybe it's a proxy issue or some other ill conceived stuff going on in the bowels of her ISP.
The error and other facts seem to indicate, however, that when attempting to get to GMail's servers, she is somehow ending up somewhere else.
posted by rocketpup at 1:53 PM on August 14, 2008
Response by poster: I'm certainly not running a proxy server. I'm not even sure what that is. But the show I work for tapes tonight, so when I get home at like midnight, I'll post it. (This all started after my electricity was knocked out by Chicago's lightning storms early last week....)
posted by melodykramer at 2:57 PM on August 14, 2008
posted by melodykramer at 2:57 PM on August 14, 2008
A proxy server would be something your ISP puts between you and the web-at-large to mediate your requests for various sites. This allows them to cache (parts of) frequently requested sites (like Google or GMail) and thus reduce the overall net traffic they have to send across their network. Theoretically this can also increase your browsing speeds since files are stored much closer to you on the network than your target website's actual servers. This assumes that the proxy itself has plenty of capacity to serve all the requests that are made of it.
The salient point is, however, that you may not be browsing the web "directly" but having your requests mediated through a proxy server run by your ISP, and you wouldn't necessarily know it.
posted by rocketpup at 3:47 PM on August 14, 2008
The salient point is, however, that you may not be browsing the web "directly" but having your requests mediated through a proxy server run by your ISP, and you wouldn't necessarily know it.
posted by rocketpup at 3:47 PM on August 14, 2008
Is the connection between your MacBook and your home network a wireless connection? If so, have you secured it with some form of WPA and a strong, non-dictionary password? If you're using an unsecured wireless network (which includes a network "secured" by WEP) then somebody nearby could be playing silly buggers with you at the LAN end. That would also explain why a reboot fixes things - it would take your attacker a little time to poison you again each time your networking is restarted.
posted by flabdablet at 4:45 PM on August 14, 2008
posted by flabdablet at 4:45 PM on August 14, 2008
Best answer: Yes fogster, I agree. But I'm having trouble thinking of any scenario where a 404 error delivered by a server would be fixed by rebooting the client.
Ditto.
BTW, I just noticed that we've been going on about DNS poisoning, without ever really giving a good explanation. For the non-geeks in the room, what's supposed to happen is that, when you try to connect to gmail.com, your computer goes off and asks your ISP's nameserver what the IP is for gmail.com. There's a feasible "attack" (that's fairly recently come to prominence) in which the nameserver can be fooled into delivering you the 'wrong' IP, instead pointing to some evil guy's webserver. Thus when you type in mail.google.com, you could actually end up at some other website.
Apache can be a proxy server, by the way.
Touche. Though something seems strange even if that is the case?
I'm certainly not running a proxy server. I'm not even sure what that is.
rocketpup explains it well. Proxies are normally something you'd set up on your own when you had many clients behind it. (I'm toying with setting one up at home.) They're great, except for when someone puts you behind one without telling you, and then misconfigures it...
posted by fogster at 6:38 PM on August 14, 2008
Ditto.
BTW, I just noticed that we've been going on about DNS poisoning, without ever really giving a good explanation. For the non-geeks in the room, what's supposed to happen is that, when you try to connect to gmail.com, your computer goes off and asks your ISP's nameserver what the IP is for gmail.com. There's a feasible "attack" (that's fairly recently come to prominence) in which the nameserver can be fooled into delivering you the 'wrong' IP, instead pointing to some evil guy's webserver. Thus when you type in mail.google.com, you could actually end up at some other website.
Apache can be a proxy server, by the way.
Touche. Though something seems strange even if that is the case?
I'm certainly not running a proxy server. I'm not even sure what that is.
rocketpup explains it well. Proxies are normally something you'd set up on your own when you had many clients behind it. (I'm toying with setting one up at home.) They're great, except for when someone puts you behind one without telling you, and then misconfigures it...
posted by fogster at 6:38 PM on August 14, 2008
Response by poster: Thanks for explaining fogster and rocket. I think I'm going to bring the computer to my Apple store tomorrow in Chicago, and ask what's up -- and then call my ISP. This seems serious enough to warrant attention. I have switched to the more secure https:// gmail (thanks for that tip!) and will let you know what happens.
Also, everyone in this thread has taken technical jargon and made it easy and simple to understand. I really appreciate it. Thank you. Melody
posted by melodykramer at 9:41 PM on August 14, 2008
Also, everyone in this thread has taken technical jargon and made it easy and simple to understand. I really appreciate it. Thank you. Melody
posted by melodykramer at 9:41 PM on August 14, 2008
Glad we could help!
I'm not sure if the Apple store will be able to help a lot—it sounds like a network/Internet problem. (Do call the ISP, though!)
Did you ever get to check out what IP(s) you get for mail.google.com?
posted by fogster at 10:08 PM on August 14, 2008
I'm not sure if the Apple store will be able to help a lot—it sounds like a network/Internet problem. (Do call the ISP, though!)
Did you ever get to check out what IP(s) you get for mail.google.com?
posted by fogster at 10:08 PM on August 14, 2008
This thread is closed to new comments.
posted by flabdablet at 7:23 AM on August 14, 2008