I run a web hosting service, and I can validate that no spam is being sent from our servers
Sourcing spam isn't what we're talking about.
Are you sure none of your customers are running phishing operations? selling counterfeit viagra/cialis? counterfeit rolex watches? hosting warez or selling stolen credit card numbers by the bushel? poisoning visitors' browsers with spyware? or driving traffic to the website by hiring spammers that control ratware or run spam farms?
This would hurt all of the clients on that server until I figure on which site is being attacked
You should be able to figure out very quickly which http server is being DDoSed by looking at http logs.
and take it offline. Even then, without warning how would I know why it's being attacked if I don't know he hired a spammer?
I think you would have to try to minimize the DDoS impact and then figure out why.
that most of us would do something if we have proof one of our clients are doing this. That is why it's wrong to attack without warning.
First things first. What's wrong before the attack is that you're hosting a criminal site and don't know about it.
If one your website is phishing or poisoning visitors, they should be DDoS without warning, since ever HTTP visitor is a potential rape victim.
please do not take offense as no disrespect was intended :) I just think Lycos needs to make warn before they strike
Forget Lycos, they may not continue, but somebody else(s) may take it up. Let's say the somebody else isn't playing nice with warnings. How do you verify that your hosted clients are legit? Figure out how to do that, and then you can quit worrying about being DDoSed at all. Why should Internet police your web customers for you? They are YOUR paying customers, you police them, or pay the consequences.
to prevent the unknowing and the innocent from suffering for what one client does without them knowing about
it.
This may sound unfair and crazy and expensive since you seem not to know what your web clients are doing, but it's YOUR responsibility to know what web businesses your web clients operate. It's your responsibility to state clearly in your contract what types of business are not permissible. Do you have a clause where you specify that driving web traffic with (sub-contracted) spamming/phishing/porn/counterfeit goods/etc/etc is not acceptable?
Len
_____________________________________________________________________ http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
