Looking for some advice here. Not sure if I posted in the correct forum but there three different options I could have chose. So if a mod needs to move it then great.
If I lease space out for co-lo to customer that has multiple servers and I managed these servers for that customer. How should I handle this.
So the customer has been around for 3 or 4 months now. They have multiple servers that we manage. On the servers they have more than 200 accounts from which during this time there has been 5 or 6 spam email abuse issues. 2 of them by the same user which has now been terminated for abuse.
During this time the customer was notified and the accounts were suspended or terminated for the actions of the spam.
Would this be considered acceptale to everyone or should they be given a stronger warning them about there customers bad practices?
I feel that as long as the customers were contacted or suspended and or terminated that the issue case by case is resolved. Should there be more done or is this acceptable.
Has the customer given you any response as to why the spam messages were sent from the box? Maybe it was an insecure script, or something of this nature?
BGP Blend of Telia, GTT, Zayo, and Cogent in One Wilshire, Los Angeles!
True Definition of Managed Hosting
Proudly Offering Shared Hosting, Reseller Hosting, VPS, Dedicated Servers, and Co-location
If by 5 or 6 "issues" you mean 5 or 6 times dozens/hundreds of people flooded your abuse system complaining about their actions then I would definitely implement more stringent rules as to how you will deal with it in the future. If by "issues" you meant 5 or 6 individual email messages complaining about the spam... I'd respond to those complaints that the issue has been dealt with and go on with business as normal.
I'd try to keep a tracking system recording IPs reported, domains involved, specific sub-customers involved (if you have that information), information on the complainer, the reason you were given the problem came about (hacked script, or intentional uce, or the reporting customer is stupid and signed up for the info), and how your colo customer dealt with the issue.
I have a comment... If the name attached to the abuse no longer resolves to that IP then that is pretty much the extent of what you can do about it. If some spamnazi notices two weeks later the domain still resolves to the IP, they will have a panty crisis and dedicate their day to lashing out at you amongst themselves. Rarely does that turn out good. Spammers need removed forever on the first offense - always - no matter what the explanation.
I'm not sure how much of an issue it is with the first complaint of forwarding spam to himself and turning himself in as a spammer. AOL already knows that is a flawed system, and won't take any action unless the "this is spam" button is being pressed by multiple users at different locations, and your server was the "supposed" source.
But you still have to let them know that it shouldn't be done (turning self in as spammer) and if it continues, you will be forced to treat them as the spammer they say they are and delete them.