API tools faq
paste
Advertisement
hjysy

Dealing with Spammers and Abusers

hjysy
Sep 16th, 2019
2,147
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.43 KB | None | 0 0
raw download clone embed print report
  1. Dealing with Spammers and Abusers
  2. As has been documented in some other threads on WHT, I am responsible for policy enforcement and abuse cases at our (VPS provider) company. We've grown quickly and so has the number of abuse cases. Most of our customers are great, and we love them,
  3. ++++++++++++++
  4. If You want to buy cheap web hosting then visit http://Listfreetop.pw and select the cheapest hosting. it can be suitable for all your needs.
  5.  
  6. Top 200 best traffic exchange sites http://Listfreetop.pw/surf
  7.  
  8. list of top gpt sites
  9. list of top ptc sites
  10. list of top ptp sites
  11. list of top crypto currency Wallets sites
  12. Listfreetop.pw
  13. Listfreetop.pw
  14. Listfreetop.pw
  15. +++++++++++++++
  16.  
  17. but even that small proportion of problem people can cause issues for us and for other customers. We like to keep abusers off the service and we certainly don't want IP reputation problems, so we are quite proactive in this area.
  18.  
  19. I would be interested in opinions from other providers, and customers too, on how strictly providers should apply their terms of service (TOS).
  20.  
  21. Our customer base includes people from a wide range of skill levels - Linux beginners and experts - so the first thing I consider when an abuse case arises is could this be a genuine mistake by the customer? That is something that needs to be taken into account, although even genuine mistakes can pose an abuse situation that requires correction - even if that correction is suspension or termination. (Customers with poor website security who keep getting hacked and their servers taken over by CPU miners are an example. We feel sorry for them but they are responsible for their server and we can't leave the CPU mining running).
  22.  
  23. Even if the abuse/TOS breach is not accidental we almost always suspend rather than immediately terminate. (I don't think immediate termination has happened once in the time I have been involved here). Our TOS does give us the ability to immediately terminate in certain circumstances, including for breach of TOS or AUP, but that isn't what we have been doing. (We do terminate on multiple breaches or failure to remedy).
  24.  
  25. So my question is - am I being too soft here? If the criteria in the TOS are met that allow me to terminate, should I just do that and move on?
  26.  
  27. Another abuse case hit my desk today. It relates to a person (that I am not going to name) who has been a customer of ours for five whole days. In that time he has purchased his first server, then two more, at least one of his servers spewed out enough spam on TCP 25 to get blocked by one of our data center providers.
  28.  
  29. We have sent him cisco netflow data showing his IP, in the last day or two, generating tons of outbound SMTP to loads of places. He flatly denies that it happened, claiming that was before he had the IP - despite the logs clearly showing the date after his service started (VPS service started on 20th, traffic on 22nd & 23rd).
  30.  
  31. The problem is you can't resolve a problem if the customer flatly denies, against evidence, that it exists. Customer says he has 12 years experience in the web hosting industry, so ignorance does not appear to be a defence.
  32.  
  33. Because of the TOS violation he loses his right to any refund (we offer 14 days refund for the first server so a new customer can try us out). The AUP violation (SPAM) gives us the right to immediately terminate, as does a failure to rectify a breach after notice.
  34.  
  35. Customer wants a refund on one of his servers now, claiming he purchased it by accident. Our support staff, correctly, told him he isn't entitled because of the TOS breach. He says we are unkind people (or words to that effect).
  36.  
  37. What makes this *really* interesting, and the reason I thought I would write a post about it, is that his LinkedIn profile says he is CEO of a web hosting company and his TOS are similar to, or even stricter than, ours. His TOS says, in part:
  38.  
  39. XXXXX has zero tolerance for UBE/UCE (unsolicited bulk Email/unsolicited commercial Email). This policy protects our customers as well as the internet community from the negative effects of “spam” related activity. ..... If a client is found in violation of the above no-spam policy, the offending account will be terminated without notice and no refund will be issued.
  40. Accounts canceled/terminated by XXXXXX for violating our Terms of Use do not qualify for the 15-day money back guarantee. For example, if your account is canceled due to spamming, you will not be given any refund.
  41. Refund requests will not be accepted if it’s requested for any cause that’s out of XXXXX side, For example ... Customer’s lack of experience dealing with web basics and communication protocols.
  42. Given that is his TOS, it seems difficult to argue that we are being unreasonable in applying ours.
  43.  
  44. So, providers of WHT, what do you do with a customer who is 5 days into an annual plan, sends spam, won't acknowledge clear evidence of that, and wants a refund? Terminate? Suspend?
  45.  
  46. Interested in your feedback.
  47.  
  48. Have you tried previously being more strict during pre-sales? For example, some times if we are questioning whether the person is spamming or not, we tell them port 25 will be blocked as a new customer. The true spammers usually don't respond anymore or push back. It has helped us a good bit on the VPS side to eliminate them.
  49. Michael I Flickinger- Owner, Gbtcloud.io, A Division of Greybeard Technology
  50. Colocation | Dedicated Servers | VPS | Cpanel SSD Web Hosting | All Flash Private Cloud
  51. https://clients.gbtcloud.io/index.php?/cart/
  52. Have a question about a solution? Email sales@gbtcloud.io for more info!
  53.  
  54. Thanks Mike, that is a good point.
  55.  
  56. Right now we adopt the data center provider's approach which tries to allow modest outbound SMTP but not bulk. I know some providers do block it (Vultr does, IIRC). I see the trick is to say you block it without actually blocking it and getting all those "please, please, please open port 25" tickets.
  57.  
  58. Yes- You know the signs to look for. Give them a little bait and see if they argue with you or not. If they don't need port 25, usually they do not care. If someone is running it for a personal mail server, they will usually say so. Trusting your gut has been good for us. In addition to FR.
  59. Michael I Flickinger- Owner, Gbtcloud.io, A Division of Greybeard Technology
  60. Colocation | Dedicated Servers | VPS | Cpanel SSD Web Hosting | All Flash Private Cloud
  61. https://clients.gbtcloud.io/index.php?/cart/
  62. Have a question about a solution? Email sales@gbtcloud.io for more info!
  63.  
  64. Hard to scale that up, though. Our sales/cart is fully automated, we would never survive November (or any other time of the year!) otherwise. But I do see your point, thanks.
  65.  
  66. I've had similar. I give one chance to correct. On second spam notice from data center, I shutdown the server.
  67. Violation of TOS = no refund. I might allow them continue after proving identity with license/address that matches billing. But no one has gone so far yet as to want to send that in. Meaning they can't. If they start threatening/cursing = complete deletion, banning their email and banning their last logged in IP.
  68.  
  69. So my question is - am I being too soft here? If the criteria in the TOS are met that allow me to terminate, should I just do that and move on?
  70. No -- even in cases where you're fairly certain the abuse was deliberate, going straight to termination means potentially making yourself liable for their data loss. Plus - mistakes happen. Terminating a customer who made a mistake means you lose that customer forever; when they might have otherwise learned their lesson.
  71.  
  72. Another abuse case hit my desk today. It relates to a person (that I am not going to name)
  73. Good - you can't do that as I noted in the other thread.
  74.  
  75. We have sent him cisco netflow data showing his IP, in the last day or two, generating tons of outbound SMTP to loads of places. He flatly denies that it happened, claiming that was before he had the IP - despite the logs clearly showing the date after his service started (VPS service started on 20th, traffic on 22nd & 23rd).
  76.  
  77. The problem is you can't resolve a problem if the customer flatly denies, against evidence, that it exists. Customer says he has 12 years experience in the web hosting industry, so ignorance does not appear to be a defence.
  78. This one smells like an organised spammer, I'd lean towards a controlled termination (not immediately as per the reasons I outlined above).
  79.  
  80. Because of the TOS violation he loses his right to any refund (we offer 14 days refund for the first server so a new customer can try us out). The AUP violation (SPAM) gives us the right to immediately terminate, as does a failure to rectify a breach after notice.
  81. Customer had multiple services -- did all of them send spam? If not, refund the ones that didn't in full.
  82.  
  83. what do you do with a customer who is 5 days into an annual plan, sends spam, won't acknowledge clear evidence of that, and wants a refund? Terminate? Suspend?
  84.  
  85. Interested in your feedback.
  86. Annual payment and smells like an organised spammer? Probably a stolen card. Might be worth digging into to see if you can determine that -- it's easier to just refund fraudulent payments before you get slapped by a chargeback from the actual card owner.
  87.  
  88. We don't have to deal with email spam, but we do deal with spamming of forums and other web platforms. We do manually review all orders after signup, though the customer has access to the service until that review happens.
  89.  
  90. When we find people who look sketchy, we'll suspend them and email. If they don't respond, or if we don't like the answer we'll refund and terminate. We've dealt with significantly fewer chargebacks since we started promptly refunding payments for sketchy accounts. In my mind it isn't worth the $15 chargeback fee or the effort to fight those charges.
  91.  
  92. I think you're fine applying your suspension/termination rules in the manner you've been doing. You just need to decide whether it's really worth trying to keep the money since you're not going to be providing the service.
  93. WonderProxy can help your team do localization testing from around the globe. With more than 250 locations there's no excuse for not testing your website.
  94. The Where's It Up? API can help multiply your monitoring infrastructure. You can request pings, traceroutes, DNS checks, and HTTP checks from all across the WonderProxy network.
  95.  
  96. c hostel da nang
  97. hosting 24 phone number
  98. hosting location
  99. draculamailer.com
  100. host thesaurus
  101. hostinger n'est plus gratuit
  102. affiliate-toolbox.net
  103. hosting a forum on your website
  104. domain 1 danielson
  105. domain 3c
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!