Question how to deal with potentially unethical client?

[xtm_mike]

Hi guys,

I run a small hosting company, most clients have been through word of mouth, local companies, etc.. basically individuals I have been able to build a relationship with.

More recently we have started getting clients through Google, forums and other organic sources which is great... However, this also comes with new challenges, I've got a customer that I'm not sure how to handle.

The customer signed up and ordered a domain and hosting plan, everything looked OK, MaxMind score was low but ISP was listed as another hosting company (potentially VPN?). The domain name registered is what pricked my interest, it was unusual, to say the least. Not something a typical business would register.

I flagged the customer and noticed they immediately redirected the domain elsewhere and setup 5 email addresses. The hosting account is not being used but the customer is sending continuously sending emails.

I looked into the client and it doesn't appear to be a clear cut spam attempt... The client looks like a legitimate business with public records, contact details, lots of websites, address, contact numbers.

Everything looks to be in order, except that the account is being used to promote their business interests via email on my servers.

My TOS clearly states that hosting accounts can't be used to send unsolicited emails / spam and I have a hard restriction of 250 per hour.

What would you do? Do you typically allow shared hosting accounts to be used for sending emails only? Why is this client not using a service like MailChimp? The emails being sent are promoting a business, why not send from their business domain?

Is 250 emails per hour continuously an okay limit?

Would you contact client? do nothing? suspend account? would you refund? The client also has domain would you suspend the account and allow access to the domain?

I'm basically not sure how to approach it if the client is even doing anything wrong?

My gut feeling is that client has obtained email lists and is using my services to send advertisements to them. It may not be typical spam (scams, viagra, etc...) however if enough email addresses report the emails as spam we could still end up with black listed IPs.

thoughts?

 

[24x7server]

I think, you've taken correct actions for this suspicious activity.

Email limit 250 per hour is ok and they should be sent using business domain name.

In such cases, we normally give 24 hours to stop this activity, then suspend a hosting and provide refund if applicable.

But if we found suspicious/spam emails then immediate action should be taken.

 

[ioZoom]

If it's not spam, not breaking your tos, and not overloading the server, why would you consider doing anything about it?

 

[xtm_mike]

If it's not spam, not breaking your tos, and not overloading the server, why would you consider doing anything about it?

Well, that's my point, it seemed like a fine line between spam and mailing list.

SPAM: irrelevant or unsolicited messages sent over the Internet, typically to a large number of users, for the purposes of advertising, phishing, spreading malware, etc.

I'd say it falls under that description.

I found from investigations that this client has several websites and businesses. A legitimate mailing list would be contacted through a service like MailChimp, from companies own domain to verify that the email is authentic (ie not spam)

The domain registered was just numbers 12345678.co.uk.. with emails being sent from mail@123456789.co.uk.

My hunch is that the client has purchased lists and is emailing them from random IP addresses knowing that the majority will be flagged as SPAM because they do not have permission, therefore compromising their own IPs for their website, mail servers or whatever...

As you rightly pointed out, the client is not violating my TOS or overloading the server, but it does have potential to get my IPs on blacklists, affecting my other clients.

 

[easyhostmedia]

we limit our clients to 100 emails per hour.

Because they purchased mailings list it does not say those on these lists gave permission to be on these lists.

It could be a few weeks before spam reports get noticed and then your upstream provider will suspend your servers for sending spam, which would effect all your clients.

i would invoke your clause 91

also on here you state 'I have a hard restriction of 250 per hour' and yet your clause 92 states

You agree and understand that we have set a limit of 500 outgoing emails per hour on shared and reseller hosting, 500 outgoing emails per hour on VPS Hosting, 1000 outgoing emails per hour on Cloud Hosting and 3600 outgoing emails per hour on Dedicated Hosting to avoid any sort of email spamming from our servers. Customers cannot send more than the specified number of emails in an hour irrespective of the size of their mailing lists.

 

[WPCYCLE]

It's your company...and executive decisions have to be made :smash:

I run a small hosting company, most clients have been through word of mouth, local companies, etc.. basically individuals I have been able to build a relationship with.

We all have been there...

More recently we have started getting clients through Google, forums and other organic sources which is great...

...and it is great when it goes beyond the Word of Mouth circles.

I've got a customer that I'm not sure how to handle.

There's always one. Always.

I flagged the customer and noticed they immediately redirected the domain elsewhere and setup 5 email addresses. The hosting account is not being used but the customer is sending continuously sending emails.

I looked into the client and it doesn't appear to be a clear cut spam attempt... The client looks like a legitimate business with public records, contact details, lots of websites, address, contact numbers.

Everything looks to be in order, except that the account is being used to promote their business interests via email on my servers.

My TOS clearly states that hosting accounts can't be used to send unsolicited emails / spam and I have a hard restriction of 250 per hour.

What would you do? Do you typically allow shared hosting accounts to be used for sending emails only? Why is this client not using a service like MailChimp? The emails being sent are promoting a business, why not send from their business domain?

Is 250 emails per hour continuously an okay limit?

Would you contact client? do nothing? suspend account? would you refund? The client also has domain would you suspend the account and allow access to the domain?

I'm basically not sure how to approach it if the client is even doing anything wrong?

My gut feeling is that client has obtained email lists and is using my services to send advertisements to them. It may not be typical spam (scams, viagra, etc...) however if enough email addresses report the emails as spam we could still end up with black listed IPs.

thoughts?

I won't break this part down since it involve a section by section response.

Email limits...depends on the customer and trust level. On average, 100 is a good limit. If it's a client that you know personally, and emails are a part of their business...2000, 300, what ever they need. It's very likely everyone on their list is suppose to be on that list.

What you need to be concerned with is your IP being Blacklisted. The reason this person is your using your service for emails, and their website...their website IP will stay protected with zero issues, while they use your IP to send out emails and potentially get it blacklisted. It's also very likely that they signed-up with you because they were kicked off their previous host...for sending emails.

Another thing to consider...if your IP is blacklisted...all the legitimate customers that use that IP will not be able to send any emails. So you will have much bigger problems because of one customer.

1. Reach out to them.
2. Let them know the rules (TOS)
3. Give them 24 hours to respond
4. Suspend
5. Then terminate

I guarantee once you reach out to them, they will not respond because they busy signing up with another service to have on hold when this one has issues.

 

[XiNiX]

Install FraudRecord Module. It can really save you from regular abusers.