Disclaimer: I don't work for RackShack, or EV1. This posting is not directed specifically at HostPacket's situation, but rather, the number of postings that have come about critical of RackShack's policy of pulling a server on a second spamming offense.

In addition to running RPG-Works.Net I work for an ISP (not EV1) as a technician. Part of my responsibilities include handling spam reports. My employer has a great number of dialup users, web hosting clients, and broadband customers. We typically get a spam complaint (for the whole group) every week or two. Usually it's because of a customer setting up an open relay. Most reports come from SpamCop.

I also have RPG-Works.Net hosted with RackShack.

Here's my strategy for keeping from running afoul of this policy:

1) My services aren't the cheapest. Spammers typically look for the cheapest provider. Don't set yourself up as the cheapest provider. Offer a quality service at a fair price.

2) I don't offer instant activation: spammers also look for this. I hand screen all applications for new accounts. It's far easier to keep spammers out in the first place than to deal with them once they've done their deed.

3) Spam complains, should I ever get any, go to me not RackShack. The trick is to have RackShack set up your reverse DNS for your server's IP to your domain. They'll do this -- if you're a RackShack customer just put in a ticket requesting it.

Because of this, SpamCop (and most other spam reporting tools) will send messages to abuse@rpg-works.net. This box is checked regularly. I am my own abuse desk. No one has spammed yet from my service, but if they do, I will be the first to know, and their account will be swiftly terminated. If someone spams from my service, I will deal with it faster than RackShack ever could, and RackShack has no need to disconnect the server.

The key to avoiding getting into trouble is to avoid spammers in the first place, and make sure SpamCop reports are getting sent to abuse@yourdomain.com, not abuse@rackshack.net.

You make some good points, however, one problem, you have to sleep.

In my experience most of the real spammers start their spam early mornings, 2-3 AM since the servers are usually quieter and bandwidth is more plentiful, and sysadmins tend to be asleep. So imagine waking up to a dozen Spamcop complaints 3 or 4 hours old and a server that no longer pings (already pulled).

Granted in my experience Rackshack always mailed me first saying they got a complaint and a copy of it and asking if I'd dealt with it, and my reply was "oh heck yes, deleted the second it came to my attention and the spool/queue was cleaned".

Frankly I don't think RS is gonna yank your server that fast and I still just feel like there's more to this latest story than we're hearning. Maybe I'm wrong, who knows.

Even though one must sleep and I don't know how deep you sleep. One thing I do is have all email forwarded on important emails, sales, support, abuse, etc... to my phone. I could be snoozing and sleeping but the volume turned up it goes off louder than my alarm clock waking me up at night for a prompt reply to the question sent.

Do that with the abuse email so as soon as notification is sent your phone is going off warning you of the abuse.

I agree with RPG-Works...

I wish people would report the SPAM complaints to the actual company and not their provider.

Many providers have zero-tolerance policies(atleast in the ISP business), where all they need is one complaint to cancel your account.

There are many ways that spammers can utilize your services without ever becoming a member, too.

You need to make sure that there is no way for them to relay email through your server, and that you have no exploitable formmail scripts.

Still it seems like you could run into problems by someone maliciously advertising your service in some bulk spam.

Originally posted by JTY
I wish people would report the SPAM complaints to the actual company and not their provider.


They do, if your DNS is set up properly. Suppose SpamCop is processing spam coming from your server. It either sees:

64.46.246.41
or 64.246.46.41 (Marvin.RPG-Works.Net)

In the first case, since there's no name in the DNS, a complaint would go straight to RackShack.

In the second case, since there is a name, SpamCop would forward the complaint straight to me instead at abuse@rpg-works.net

It's just a matter of setting up the DNS right. If you do, most of the time the complaints go to you and not the provider :)

Originally posted by eyow
Even though one must sleep and I don't know how deep you sleep. One thing I do is have all email forwarded on important emails, sales, support, abuse, etc... to my phone. I could be snoozing and sleeping but the volume turned up it goes off louder than my alarm clock waking me up at night for a prompt reply to the question sent.

Do that with the abuse email so as soon as notification is sent your phone is going off warning you of the abuse.

Ok this might work when you're smaller, but if I did this with just abuse@ I'd get woke up at least 2 times a night, if not more, I get a good big of spam to abuse@ on top of people emailing abuse about the silliest things, typically things best left to, oh, a babysitter.

Originally posted by bitserve
Still it seems like you could run into problems by someone maliciously advertising your service in some bulk spam.

Here's a thought to keep you up.

You piss off someone, customer who feels put out, a rival company, your ex girlfriend, someone. So they get a throwaway account (dialup, hosting etc) and spam FOR YOU. I mean legitimate looking advertising FOR YOUR COMPANY to a big email list (they could run a bot on this forum, usenet, etc for a few minutes and probably harvest enough emails to assure at least a dozen or so spam complaints) or heck just spam the dude who runs spamcop and some of his deputies.

They could probably guarantee a dozen reports by using 25 well chosen emails.

They can do this a few times and watch your server go dark.

You piss off someone, customer who feels put out, a rival company, your ex girlfriend, someone. So they get a throwaway account (dialup, hosting etc) and spam FOR YOU. I mean legitimate looking advertising FOR YOUR COMPANY to a big email list (they could run a bot on this forum, usenet, etc for a few minutes and probably harvest enough emails to assure at least a dozen or so spam complaints) or heck just spam the dude who runs spamcop and some of his deputies.

I agree here..no matter how hard we try spammers find out newer ways to attack. Plus any reason no matter how odd could result in spam.. Our programmers still need to bring in a good solution..;)