Results 1 to 19 of 19
  1. #1

    Email Harvesting Script

    Recently discoverd this script after a huge load spike and bandwith hammering.

    It was collecting email address's from ebay. in the space of 5 minutes it had harvested 13k of email address's

    Now the question is as a hosting provider would you allow this to run or drop the user?

  2. #2
    Warn the user at first if you determine this was on purpose. They may be compromised if the script is running in /tmp and running a vulnerable web application. They might be sharing / reselling the server on the other hand.

  3. #3
    Join Date
    Apr 2003
    Location
    Atlanta, Jawja
    Posts
    3,066
    If it's abusing CPU, immediate suspension.

    More hosting companies need to get clauses in their TOS/AUP to specifically disallow harvester applications, IMHO.
    Douglas Hazard - Certifiable Sports Junkie and Sports Community Enthusiast

    Host of Two Cents Radio - Follow @TwoCentsRadio on Twitter (@BearlyDoug on Twitter)

  4. #4
    Nope was defiantly a deliberate act we could just turn down its cpu allocation but, the nature of it grates on my nerves its not intended for legit purposes and the email address's havent asked to be added to a database......

  5. #5
    I second the idea to add harvesting / "scraping" applications into your TOS/AUP.

  6. #6
    Thanks now to tell the user whos howling about how he paid to be able to run this script........

  7. #7
    Join Date
    May 2010
    Location
    Toronto, Canada
    Posts
    454
    I would definitely consider dropping the user at this type of harvesting behaviour.
    Stack Star | Shift8 Web
    ★ Managed VPS Hosting ★ Managed Wordpress Hosting ★ Managed Dedicated Hosting ★ Web Development ★ Web Design
    Managed Wordpress Hosting Web Design Toronto

  8. #8
    Join Date
    Mar 2005
    Location
    Labrador, Canada
    Posts
    951
    Unless the user can provide a valid reason for harvesting email addresses (with supporting evidence) then I wouldn't hesitate to terminate him/her for aiding and abetting the distribution of spam. He/she might scream but all of your present and future (legitimate) customers will support you.

  9. #9
    Join Date
    Jan 2011
    Location
    Ohio
    Posts
    467
    I would definitely drop the user, but only after giving a warning, and advising them that harvesting, or adding emails to lists without the email owner being asked to be added is not a good practice. If continues just drop the user.

  10. #10
    Join Date
    Sep 2006
    Location
    Dallas, TX
    Posts
    333
    First question: Do you have a TOS?
    Second question: Is it worded in such a way they violated anything in it?

  11. #11
    Join Date
    Nov 2009
    Location
    Colombia
    Posts
    2,143
    You can't just suspend him because you want(Unless you have some weird TOS)... is he violating anything?
    Diego Rodríguez B. - https://diegorbaquero.com
    CS Student, Geek, Software Engineer, Developer

  12. #12
    "Oops, for some reason your VPS is blocked from eBay" ;-)

  13. #13
    Join Date
    Sep 2006
    Location
    Dallas, TX
    Posts
    333
    They are probably not in violation of any TOS simply by collecting info available on the Internet (Unless their bandwidth/CPU usage is considered excessive). The TOS violation would be if they try to use that info to spam.

  14. #14
    He took the node from a load average of 2 to load average of 130..... i think that would be considered abusive. So while we couldn't drop him for his email harvesting (working on a updated TOS to correct that as pointed out we cant just drop as and when) he was abusing the systems resources

  15. #15
    Join Date
    Sep 2006
    Location
    Dallas, TX
    Posts
    333
    Quote Originally Posted by Psyber Chris View Post
    2 to load average of 130
    Make sure your TOS has something to cover your being able to shut them down for that.

  16. #16
    For that we do have covered with regards to the TOS just cant believe that they think this is acceptable we deal with enough spam as it is why would we wish to assist in the problem

  17. #17
    Join Date
    Sep 2006
    Location
    Dallas, TX
    Posts
    333
    Quote Originally Posted by Psyber Chris View Post
    just cant believe that they think this is acceptable
    Expecting users to be reasonable is expecting too much.

  18. #18
    Join Date
    Feb 2010
    Posts
    1,030
    What is the script name?

  19. #19
    it was coded in python no name that stood out only the file name (non descriptive really)

    Ive had a look through the code and its prity quick and dirty thoe it harvested almost 35k of email address's in the spce of a few hours......

Similar Threads

  1. is email harvesting from my server legal in UK?
    By bambinou in forum Specialty Hosting and Markets
    Replies: 13
    Last Post: 10-28-2009, 11:48 AM
  2. Preventing spiders from harvesting your email address?
    By kayz in forum Web Design and Content
    Replies: 7
    Last Post: 10-01-2007, 11:09 AM
  3. Nasty email harvesting tactic
    By thetazzbot in forum Dedicated Server
    Replies: 14
    Last Post: 07-20-2003, 04:54 PM
  4. Scramble email address against harvesting?
    By cyberdao in forum Web Hosting Lounge
    Replies: 9
    Last Post: 04-13-2003, 09:22 PM
  5. How to Stop Email Harvesting Robots?
    By Sydney in forum Web Hosting Lounge
    Replies: 0
    Last Post: 06-05-2001, 11:23 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •