North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BCP for Abuse Desk

  • From: Chris Woodfield
  • Date: Fri Jun 02 16:00:49 2006

I've found that the reserving the right to nullroute an offending host's IP address for repeated spam offenses is a good intermediate step between simple notifications and contract/circuit termination. It lets the customer know you mean business while still preserving the customer's account status; if the offender is a web hoster, it winds up being a particularly effective tool, as the threat of collateral damage from other sites hosted on the same IP is pretty compelling.

Of course, it's important to be willing to remove the nullroute as soon as the customer confirms that the problem has been dealt with, otherwise it does effectively become a partial termination of services.

-C

[email protected] wrote:
On Tue, 30 May 2006 20:51:55 CDT, you said:



 3d) Make sure your ToS allows nuking a spamming/abusive host.
 3e) Then *use* that clause in the ToS when needed.
Each of the ISP's I worked for had such a clause. I felt it
was a double edged sword. The only choices were to use it or
not to use it, and on non-clear cut cases the business side of
a company may be reluctant to heave a paying customer out the
door. I would advocate service contracts that allow a graduated
response including, but not limited to, getting rid of the customer. That way, there are penalties available even in cases
of "unintentional" network abuse. 
As I said, "when needed".  As you correctly noted, sometimes it's
more helpful to the bottom line if it remains an unmentioned stick
while you find a carrot to wave at the customer.   If a well-phrased
phone call or two and a helpfully informative e-mail can get the problem
resolved, you obviously didn't *need* to nuke. :)