I currently have a reseller account. I have two problems related to spam.

First, every so often AOL (or another ISP) blocks my server. Second, the server sometimes slows down to a crawl and I am sure it is because of the bulk spam being generated.


All my domains are controlled by me and we do not spam. However, after looking at the AOL notifications, I see that there is a lot of spam coming from this server.

I am wondering if there are some reseller programs that are tough on spammers (and whether it is feasable for them to control them with a resellers program??). I really am tired of fighting all the blocking mechanisms and slow server issues because of spammers. It has been damaging to my business when it takes down the site or an ISP blocks me.... I do not have the time to manage a dedicated server, so that is not a viable option for me....yet!

Thanks for any advice...

Have you contacted your host about this. Check IP status on dnsstuff.com and talk to your host.

Are you hosted on shared IP or dedicated IP for your accounts.

Agreed!

Your host should be able to resolve this for you. Have you contacted them?

Yes, they have been notified. But its not the first time, the server has gone down because of spammers, my emails have been blocked or other lovely side-effects. Looking at the notifications from AOL, the spamming is continuing. I am just wondering if their are programs that are more proactive about stopping it....

Well your host could disable nobody from sending mail, ban formail clones and generally have a look through the server. Even just sending a mail to all the clients on the server reminding them to be vigilent and check for old scripts kicking about.

He can also put a cap on the number of mails sent out by each domain.

We have had problems in the past with this. Really it is a never ending battle to keep your server clean and if something does get through to sort it out and get onto the RBL people to get your entry removed.

Also wise to make sure the server is not being used as a relay. There are all the things that Spamcop recommended to me when we had a mjor incident with a spammer using an exploited script to pump out mail.

I am sure others here who know a lot more about it will be able to suggest other things you can do or at least put pressure on your host to do.

Check your host even has an abuse@ setup else they won't even be getting mails from RBL's when the server is listed.

They, at least, have been very responsive. But as I mentioned, it concerns me that the issue keeps coming up. I definately don't want a situation where they OVER-restrict or filter, but it DOES seem that I am the one that has to make them aware of the problem.

We are thinking about setting up another account for hosting an application with MYSQL and PHP. I need stability over cost, so if anyone has suggestions, I'm happy to hear them. My current reseller account is really not *resold*, but the new account would sell hosted accounts with this application (that I wrote) for a specific industry. Though I have done fine with setting up domains, DNS, etc....I would rather concentrate my energy on managing the application and databases.

What type of application are you running and what are the requirements?

Thanks

The problem is that I don't know *in totality* what kind of space or bandwidth I will need until I start hosting it. So, I will punt. I am envisioning starting with around 3GB plan, but having the ability to move up until a dedicated server (and a dedicated support person) would be optimal.

About the users and application:
Server application is PHP and MySQL. I am developing it on a Linux platform. Eventually, there may be a client piece in Java (Windows platform, most likely).
The users are not office bound nor computer bound (they travel internationally quite a bit). I am avoiding any 3rd party software that requires a seat license.
The data is critical because it must be pulled up for state reports and audits.
Every quarter, we would probably be able to archive some of the client information and keeping just a XML report. But each customer is going to have different storage and bandwidth requirements. They will not know what they need, but I will need to be able to have a way to monitor and bill them fo what they actually use.
1 - Flexible plans available (that I can increase disk space and bandwidth easily). OR the company will work with me on custom sizes.
2 - Excellent up times and Excellent recovery.
3 - Good backup options. I would like to either set something up or pay the hosting company to do it.
4 - cpanel/whm...good control interface. Good monitoring tools.
5 - It would be nice if the hosting company did have a dedicated server program and could help me move everything if/when we are ready to move.
6 - Quick/responsive customer service.
7 - Security
8 - Proactively goes after spammers
9 - Does not overload servers.

THe problem that I am a control freak, but I do not always have the time to do the bigger tasks. I would love to have the option to pay someone to help me with those tasks.

I know it is a lot to ask, but my plan is to generally pass-through the hosting fees. I will make money off of application use, configuring and managing their data.

I also know this is not enough information....but I am hoping that by talking about it, I may realize what I need to consider and what I will need. :D

This sounds very interesting!
You shouldn't have any problems getting the support you need to make this work!

tinkerkel, here are some quick tests you can do, to see if a Hoster is on the ball:

http://yourdomain.com/cgi-bin/FormMail.cgi
http://yourdomain.com/cgi-bin/FormMail-clone.cgi

If you get anything other than a 404 page, it means the Hoster has not shut down some of the (very) insecure WHM/Cpanel scripts. A lot of Spammers are aware that some Hosters do not shut them down and, from their own computers and with just knowing the Domain name, can send as many Spam eMails as they want.

If these insecure scripts are working, and the above will tell you if they are, you can ask to have them turned off. While you're at it, also ask if they have disabled: shell_exec, system, proc_open for PHP scripts. The 'tmp' directory should also be secured.

Thanks so much for the helpful information. I've noticed that the notifications have decreased, so maybe they have tracked down the spammers.

That will give me some time to explore some other plans for this hosted application. :D