this is our first incident of someone sending spam from our servers, but this spam is illegal - it contains a link to a child-pornography site, so there are two issues here:
* spam - this issue concerns us because it was sent from our server - according to our TOS, we would suspend the account or terminate it -currently we have suspended the account-
* child-pornography - the website that the email links to is not hosted on our servers, and we are aware that one of the "spam-victims" who received the spam has already reported it, do we still need to report this issue?
* the customer used a fraudulent credit card and customer information provided by him during sign up is exactly the same as credit card billing information, so basically we have no idea who the offender is
* the customer opt to have his domain name registered by us, so basically the information in the WHOIS is the same as his hosting account info which is actually the credit card holder's info
what action should we take next?
- terminate the account and this ends our involvement in the spam issue
- report the website that was linked to from the email
what should we do to the domain name that was registered?
Terminate the account now. Report this cretin to local and federal authorities so that your business is on record for coming forward with the information. (It's the right thing to do anyway.) Preserve as much evidence as you can in case they ask for it.
Additionally, you can forward the sicko's information to me and I will personally take care of it.
Just call your local FBI office. Most major cities have FBI field offices. You might want to back up all of your data though because I would not say it would be out of the question that the FBI would want to take your server so they can extract all of the information from it. Probably not going to happen, but it would not shock me.