On the contrary, we do police our own servers as much as we can and view every site often. We even scan our servers for compressed files to verify out clients are not offering pirated software for downloads and more. We do everything we can to run a clean legitimate business. So far we've had two that have outsourced spam advertising, both were kicked off the server immediately when we found out about it. One was a harsh lesson the other one we found in a spam that we got from those they hired to spam for them. Since then we are even more careful about who we host and their business ethics. We watch to see what people are selling and how they may market it.
You are a very wise person Len who I respect, and I totally appreciate everything you do here in this forum to help others. I also think your IMGate which you provide for free is wonderful. However Sir, I just can't agree with your logic here. To imply that I'm negligent for not knowing that one of our clients is outsourcing spam is ridiculous. If you would be kind enough to explain how to know for sure, I would be happy to use that knowledge to it's fullest potential :) I already scan our postmaster boxes for hate mail and scan our email logs at least daily if not several times a day. We check IIS log file sizes often to look for larger than normal sizes and do a report on anything suspicious to learn where the referrals are coming from to be more knowledgeable about how to legitimately market sites. Is there anything else we could do to fit up to your standards? How can we be positive about anything? What you are implying is something like saying if a 17 year old child who the parents have no reason to distrust all of a sudden sneaks out at night and commits a crime, you should do that time for it. What is the parent supposed to do, lock the child up at night? Geeze man! Ted -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad Sent: Wednesday, December 01, 2004 9:08 PM To: [EMAIL PROTECTED] Subject: RE: [IMail Forum] Lycos screensaver tackles spam websites >I run a web hosting service, and I can validate that no spam is being sent >from our servers Sourcing spam isn't what we're talking about. Are you sure none of your customers are running phishing operations? selling counterfeit viagra/cialis? counterfeit rolex watches? hosting warez or selling stolen credit card numbers by the bushel? poisoning visitors' browsers with spyware? or driving traffic to the website by hiring spammers that control ratware or run spam farms? >This would hurt all of the clients on >that server until I figure on which site is being attacked You should be able to figure out very quickly which http server is being DDoSed by looking at http logs. >and take it >offline. Even then, without warning how would I know why it's being attacked >if I don't know he hired a spammer? I think you would have to try to minimize the DDoS impact and then figure out why. >that most of us would do something if we have proof one of our clients are >doing this. That is why it's wrong to attack without warning. First things first. What's wrong before the attack is that you're hosting a criminal site and don't know about it. If one your website is phishing or poisoning visitors, they should be DDoS without warning, since ever HTTP visitor is a potential rape victim. >please do not take offense as no disrespect was intended :) I just think >Lycos needs to make warn before they strike Forget Lycos, they may not continue, but somebody else(s) may take it up. Let's say the somebody else isn't playing nice with warnings. How do you verify that your hosted clients are legit? Figure out how to do that, and then you can quit worrying about being DDoSed at all. Why should Internet police your web customers for you? They are YOUR paying customers, you police them, or pay the consequences. >to prevent the unknowing and the innocent from suffering for what one >client does without them knowing about >it. This may sound unfair and crazy and expensive since you seem not to know what your web clients are doing, but it's YOUR responsibility to know what web businesses your web clients operate. It's your responsibility to state clearly in your contract what types of business are not permissible. Do you have a clause where you specify that driving web traffic with (sub-contracted) spamming/phishing/porn/counterfeit goods/etc/etc is not acceptable? Len _____________________________________________________________________ http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
