Security and Network Policies

With many more clients working from home and home offices. there is a greater need for easy and simple network and security policies for small business and home business. In that spirit, here is a very simple requirement for a micro and small business security and network policy as it relates to hosting, domains, websites and email services:


1. How frequently do you change account passwords? (For example: Once a week, once a month, once a year – some experts recommend that small business changes passwords every 30 days)

2. Password strength: What number of minimum characters? Upper Case, Lower Case, Numbers and Ascii characters? (Define your business password requirement)

3. Do you allow staff to share passwords? How many people know your passwords? Who is allowed to know your passwords (Make a list – and NO, Nkosi is not one of them – we need not know your passwords and our cloud(s) DOES NOT STORE YOUR PASSWORDS – We encryption your password, using various processes, store that encrypted result and each time when ANYONE presents a password, we apply encryption to it and compare the encrypted result with the stored encrypted result)

4. There are many other password related issues for larger small business as well as medium and large companies, but the above three are, in my opinion, the most important and minimum considerations for micro home businesses

Anti Virus, Email (and whatsapp, telegram and other services) generic policies or business rules:

1. File Attachments – Do you just open anything you receive? Or do you have rules?

2. Do you have PAID anti virus? (Yes, paid quality is very different from free quality – free is okay for home but not okay for business.)

3. Do you click on links any in emails and messaging services? – how do you verify before you click?

Is your business a target? Do need help? – Please email

Security and Network policies also include and are affected by your IT policy. The most important issue for micro and small business is the simple question:

Do you use pirate or unlicenced software?

– If yes, you should consider not doing that. If you do not want to pay for software you can use open source alternatives, for example Linux.

There are many more factors regarding network and security policies and we will build on this article and expand it further as we go…

My device was compromised

Maybe a friend sent you a website link and your device was compromised with spyware or virus. Maybe you installed an app or other software and now your device is not behaving properly or has become compromised…

If you are at a home or small office network and all of your Internet connectivity comes from one router, you may find that none of your devices, computers, laptops, notebooks or pads on the same network are able to see your website...

If your device has tried to abuse our systems, or has abused our systems, we may have disabled your domain name.

If we have disabled your domain name, the front page will display “SUSPENDED”

Try to view your domain name in a browser, from a different Internet connection: Can you see your default website?

If you can see your website, please see the section: Howto reset my passwords

If you cannot see your website, please try a different or other Internet connection or contact for confirmation that your website and domain is working/functional.

If your domain is working/functional please see the section:  Howto reset my passwords

Howto reset my passwords

We can reset your control panel password for you: You can start by sending an email to with the request to change your control panel password, in the subject line. Please have the answers to your security question at hand and please ensure that you have access to the phone numbers on our systems for your domain name, lastly, please ensure that you have access to the second factor authentication as set for your hosting account.

If your email account(s) have been compromised:

(1) You need to find the virus and/or spyware and remove it

(2) You need to change your passwords for your email accounts, on your email software, to a new password

(3) You need to close your email software (Do not collect any emails)

(4) With all of your email software and accounts closed, log into your control panel and change the email password(s) to your new password(s)

(5) Log out of your control panel and test your email account(s) and new passwords, using WEBMAIL (Your own domain with :2096 at the end)

(6) When you are sure that your email accounts work in webmail, turn on your email software (If you have multiple laptops, do this one by one in order to establish that you have entered the correct new password on each device)


Mailing list bulk email

We do not permit the sending of any bulk emails from our shared hosting accounts. Our definition of bulk email is quite strict:  We define bulk email as the sending of roughly the same email to more than one person in a 24 hour period.

Read more about advertising and mailing lists

Nkosi shared domain web and email hosting provides only transactional email services and on a fair use relayed email totals per domain and hosting plan:

  • 20GB hosting plan 36 000 emails per month (50 p/h)
  • 40GB hosting plan 180 000 emails per month (250 p/h)
  • 100GB hosting plan 360 000 emails per month (500 p/h)
  • 500 GB hosting plan 360 000 emails per month (500 p/h)
  • 2TB hosting plan NC, (no spam) (No Groups, no nodes, 5k p/h)
  • 5TB hosting plan NC, (no spam) (Multi, Group nodes, 2x5k p/h)
  • 10TB hosting plan NC, (no spam) (Multi, Group nodes, 2x5k p/h)

If you really want to send bulk emails from Nkosi clouds, servers and networks we could possibly offer you two different options:


You can apply for a mailing list at by completing this form: – By completing the application we will check if we have capacity and whether we are able to provide you with services. You can obtain more information about mailing lists on our website.

if your application is succesful, costs start from around R39 per month, per domain name and includes changes to your DNS zone, DNSSEC, SPF, DKIM as well as new encryption keys, tracking tools (to comply with the EU GDPR as well as legislation by US States, such as California, you may need to ammend your own Terms & Conditions of service as well as obtain direct and auditable permission from certain consumers to comply with privacy and other provisions of these laws)


You can apply for your own managed email server with mailman or by using local to remote relay apps (Unfortunately our two clouds do not offer email relay using port 25 as ingress and egress on port 25 is blocked on our cloud firewalls)  – For a possible quote on your own server(s) Please send an email to:


Howto view email source or raw headers in Microsoft Outlook

Micorosft Outlook Software is not very advanced and does not have functionality to view a complete email message and you have to do this in three steps:

1. Open Notepad or Open Office – New document

2. First get the headers (The bits with IP numbers)

  • Open the exact email message in a new window by double-clicking on the message (in the message list).
    It will open in a new window
  • Click on File and on Properties
  • Find: Internet headers or headers
  • Select the headers and copy (or press Ctrl and C)
  • and Paste (Ctrl P) on your new document

3. Then get the rest of the email

  • Open the exact email message in a new window by double-clicking on the message (in the message list).
    It will open in a new window
  • On the message ribbon, choose action and then other actions and then view source
  • Select the source and copy with your mouse (or press Ctrl and C)
  • and Paste (Ctrl P) on your new document

How to get support


Please remember to be professional and courteous at all times in your dealings with us (as you also expect us to be with you)

Please do remember that we strictly enforce all our Terms and Conditions of Service

Please state clearly what support you require or expect so that we may assist you properly

We undertake to provide you with full support related to our products and services.


SUPPORT Phone numbers: You can call the number on the bottom left your telephonic support contract during Office hours (6am to 6pm) and the number on the right, for after hours (6pm to 6am)

Please take proper care with your access credentials (user names and passwords) Please follow ICT Best practise. All of our clients are businesses and we expect clients to be responsible for their accounts and responsible for any security issues related to their services. Please do understand that we currently follow the GDPR (as current ZA legislation does not currently extend to security breach protocols) and we may suspend your account when we are notified of security breaches, as per best practice and as per the protocols defined in the EU GDPR. While we investigate our logs and systems as it pertains to your domains, users and services. We will conclude this process as quick as reasonably possible. Please do be aware that if you have prior security issues and are currently in breach of our Acceptable Use Policy (AUP), as amended from time to time, we may terminate your account as per our main T&C.

Please do be aware that we can (are able to) change your passwords and that we follow ICT best practice which may involve multiple forms of authentication as well as additional processes and security questions. Please understand that main access credentials may take up to 24 hours to effectively change as propagation between non Internet facing systems is a manual and tedious process.

We provide all clients free full hosting support for one person per client (Supporting additional or different staff members does cost extra)

Most of the time though, when our clients require support, the support they need is not related to our services or products….

Clients sometimes need assistance with Internet Connectivity, Software and/or Device operation or configuration, hard drive failure, network or router configuration and many other non hosting account related problems.

We do not provide IT services, or sell IT products or services. We do not sell devices, phones, pads and laptops (or hard drives or any other IT equipment). We do not sell operating systems, Cable Routers, Wi-Fi signal boosters or Office software and neither do we install wired networks or wireless networks.

When a client requires IT support, we do point this out but we also try to assist the client with the network, device or software, to the best of our ability, but most of the time we are not able to provide satisfactory levels of support or new software patches or solve IT problems at the client location or device(s) – Sometimes clients are not that IT literate and we have to explain the same thing two or three times, please bear with us and do understand that your support requirements are related to our products and services but you are not and have not paid us for the products and services (your devices, networks and software) and our support is limited in terms of what you may in fact require.

Sometimes a client does not readily accept or appreciate this as they are battling to obtain support from Microsoft or some other huge company.

We do partner with IT companies, please do ask us for a reference to an IT company in your geographical area or an IT company that offers remote desktop support for your operating system, networks or device(s)

Please also do realise that if you are unhappy because you feel that we did not assist you, please do not become rude. Please do not swear or be disrespectful. Please do not threaten us with “Social Media” or with “Lawyers” – All of the previously mentioned things, are serious breaches of our T&C, we will terminate your services. As much as you do not like being threatened and people being rude with you, we do not like or appreciate it either.

We are a nice, ethical, decent family of people. We live to serve clients that are nice, ethical and decent.

Please always assume our best intent, if you are not sure about anything, please do ask!



Non Support Question

You have probably received this page because you required support about something, but we do not know what you need.

We sometimes receive difficult support requests, where we are required to estimate what is asked.

For example: You may have sent us a photo or screengrab of Thunderbird and asked: “What is this?” in the subject line.

We would not know if you require us to tell you what Thunderbird is? Or if you want to know how to operate Thunderbird? Or if you are not sure how to use your Thunderbird?

 What you need to do now: Whatever support request you sent:  Please re – send your emailed support request

This time: In the subject line state the topic clearly. Example: I do not understand this menu option in Thunderbird

In the body, instead of attaching a screengrab of Thunderbird, please rather take a few seconds and type your problem. Example: If I click or swipe on send and receive nothing happens

We know then that this simply means that you have no new emails and we are able to tell you that, so that you can send yourself a test email and then see something happening…



Reporting Spam

No Spam! – The Only Time Nkosi Clients receive spam is when someone specifically targets them. Our clients are empowered to stop any spam forever. You can also report spam to us. We feed into SORBS, SPAMCOP, ASCAMS and 87 other International RBL, DNSBL.

There are multiple ways to report spam and abuse. You can make sure that the abuse stops by reporting the spam or abuse correctly. Nkosi has a no tolerance approach to: spam, scams, phishing, spear phishing, stalking, online harassment or any type of cyber crime. The correct way to deal with abuse Continue reading “Reporting Spam”