Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
Netcup Rude Abuse system
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

Netcup Rude Abuse system

ZweiTigerZweiTiger Member, Provider
edited August 2019 in General

Hello,

Just want to introduce how netcup.de handle the abuse reports.

1, If one of your domain name send spam, example one of them sent 500 spam message accidently, then of course you noticed and solved the problem, but soon you will receive an abuse message, to solve it within 48 hour or your server will be deactivated.

2, If you receive a ddos, which is bigger then they want, their protection not really working if you receive more then 5gbps, you will receive an abuse report to promise not will happen again. But how?. Also they deactivate the server.

3, If one of your website get infected, you notice it and you fix the issue, you will receive an abuse report. "Your server has been deactivated, please provide a reason why your website infected"

Is theese incidents are typical in Germany? Could anybody there confirm it?

So the first thing to deactivate the server, and solve the problem? What kind of solution is that?.

Regards.

Thanked by 1gagah

Comments

  • LTnigerLTniger Member
    edited August 2019

    This is perfectly fine. SPAM can't be 'accidental' - it is or it is not. DDoS attacks - pro-active filtering is expensive, so it's natural that they come to you when some sort of treshold is reached or just simply blackhole you on a period of time.

    This is not rude, this is normal business practice, especially in lowend market.

    You could expect premium abuse handle/communication standards within higher tier providers such as hivelocity, rackspace, knownhost. Now, just fix problems, say 'sorry' and continue idle.

    P.S.

    ZweiTiger said: So the first thing to deactivate the server, and solve the problem? What kind of solution is that?

    This is probably automatic action. When you are available/ready to begin fixing problem they will unsuspend your machine.

    Thanked by 2chrisp coreflux

    hostwp.net -- Wordpress Hosting for Developers.

  • WebProjectWebProject Member, Provider

    Nothing is rude about your spam, as can be filtered at the sending time, if you can’t manage your VM it’s entirely your problem unless you do pay them to manage!

    VPS Price Match Guarantee on: All our range of DDOS protected XEN-HVM VPS Plans
    Are you looking for best price for self-managed VPS? See WebProVPS website for more details.
  • ZweiTigerZweiTiger Member, Provider
    edited August 2019

    We receive 2-3 abuse reports / year, but I not really like how netcup.de handle theese. If they give me some hours to fix it, I would be happy, but if there is the lowend market, it is fine.

    compared to online.net they not care too much.

    Interesting, but good point to stay "clean".

  • AnthonySmithAnthonySmith Top Provider

    No offence intended here, but these are your problems, they are called your problems because they are yours, frankly it sounds like you would be a nightmare customer for an ultra budget brand.

    I think they have been ok with you, at least 75% of hosts would ban you after the spam alone.

    Thanked by 2chrisp TimboJones

    I am no longer active here, find me at https://talk.lowendspirit.com (Just like LET without the scams)

  • ZweiTigerZweiTiger Member, Provider

    @AnthonySmith said:
    No offence intended here, but these are your problems, they are called your problems because they are yours, frankly it sounds like you would be a nightmare customer for an ultra budget brand.

    I think they have been ok with you, at least 75% of hosts would ban you after the spam alone.

    Thank you, you are right. My problems.

  • You shouldn't start a thread and then delete your starting comment -- it's really bad form.

    You may have miscalculated (people can make mistakes), but then just say so and ask for the thread to be closed.

    Thanked by 2ITLabs Ouji

    "Linux will run happily with only 4 MB of RAM, including all of the bells and whistles such as the X Window System, Emacs, and so on." (M. Welsh & L. Kaufman, Running Linux, 2e, 1996, p. 32)

  • @ZweiTiger said:
    delete please.

    Classic let behaviour if your post don't get the answers you want the op removed it.

    Thanked by 3angstrom Clouvider Ouji
  • NekkiNekki Moderator

    Standard shithousery.

    Here lies Nekki. He loved massive amounts of storage, K-Pop and calling people cunts.

  • These should fall under the Don't be a dick rule but wtf do I know.

    Catch me over at Primary DNS. If you want to chat I am done with this cesspool.

  • ZweiTigerZweiTiger Member, Provider

    Sorry. This wasn't a troll discussion. I promise!

  • @AuroraZ said:
    These should fall under the Don't be a dick rule but wtf do I know.

    This behavior does fall under that rule.

    "Linux will run happily with only 4 MB of RAM, including all of the bells and whistles such as the X Window System, Emacs, and so on." (M. Welsh & L. Kaufman, Running Linux, 2e, 1996, p. 32)

  • angstrom said: This behavior does fall under that rule.

    Yet it continues to happen, time and time again.

    Catch me over at Primary DNS. If you want to chat I am done with this cesspool.

  • @ZweiTiger said:
    Sorry. This wasn't a troll discussion. I promise!

    No one said that it was a troll discussion.

    We're just asking you to take responsibility for what you posted.

    "Linux will run happily with only 4 MB of RAM, including all of the bells and whistles such as the X Window System, Emacs, and so on." (M. Welsh & L. Kaufman, Running Linux, 2e, 1996, p. 32)

  • Well, we had this a few times.
    Just put them a decoy and see if they go and bite.

    If yes, you may look for another provider.
    Some providers do not really validate abuse emails.

    Its all about how they handle it.

  • If someone is a provider, they will have occasional abusive customers and their upstream has to tolerate that as long as the abusive customers are booted quickly. How that is arranged, I don't know, but lots of LET providers are managing to do it.

    It sounds like someone was reselling brand N services (resulting in spots of abuse) without N knowing what was going on. Not good.

    #lexit spread the word.

  • Isn't this kind of shittery is a banable offense?

  • imokimok Member

    trewq said:
    Things Everyone Hates
    Creating a thread and then editing the content to remove it, replace it with "delete please", or something like that.

    Thanked by 1ITLabs
  • I would like to see the original post recovered for posterity.

    #lexit | FatPal - Official LET payment gateway

  • FAT32FAT32 Administrator, Deal Compiler Extraordinaire

    Thread restored.

    "Everyone you meet is fighting a battle you know nothing about. Be kind. Always."

  • @ZweiTiger how does someone accidentally send 500 spam mail?

  • DonnDonn Member

    Well, being a customer of netcup myself. First I would give them a kudos for their super reliable service and good performance.

    But for abuse case, they suspend the server soon as they receive a notification of abuse (phishing). Their weakness is they don't validate the report. But again you as a server administrator have a sole responsibility to make sure your system is secure at all times.

  • ZweiTigerZweiTiger Member, Provider
    edited August 2019

    Nah great. So that was my review about how they handle. Compare to ovh and online.net , they are really.. really different. They always gave me time to solve, not server suspend and then notice.

    But if you Ask me, imunify360 solved all my issues. But still I not like how they handle.

    @DanSummer said:
    @ZweiTiger how does someone accidentally send 500 spam mail?

    We resell netcup servers as well, and the client could cause that. If you got clients, sometime you have to deal with abuse.

    Thanked by 1coreflux
  • ZweiTiger said: Is theese incidents are typical in Germany?

    Yes, since 2010 or like that for sure on hetzner I saw the same in different reviews about the company. And not only hetzner, many other providers. But people who read the comment must do understand, that I do not know how they acting right now in 2019.

  • williewillie Member
    edited August 2019

    ZweiTiger said: We resell netcup servers as well, and the client could cause that. If you got clients, sometime you have to deal with abuse.

    Obviously if resellers are part of a provider's target market, the provider has to accomodate situations where the reseller gets an abusive customer, as long as it is dealt with promptly. But it could be that netcup expects its customers to not be resellers. Did you ask them about that?

    #lexit spread the word.

  • jsgjsg Member

    I'm a very happy netcup root server customer and I like them being tough on "accidentdal spam" and other BS.

    @ZweiTiger
    If "accidental spam" is sent from your server then about 250 other netcup customers risk to find their IP black listed which leads to them being unable to use their services for legitimate purposes like sending non-spam emails.

    Why should both a provider and about 250 customers suffer the consequences of 1 users carelessness (wording it nicely)?

    So, if you or your users need to send "accidental spam" then pay for a spamming service instaed of letting a company and hundreds of other users pay for your sh_t!

    Thanks no.

  • Sofia_KSofia_K Member
    edited August 2019

    ZweiTiger said: So the first thing to deactivate the server, and solve the problem? What kind of solution is that?.

    In such situation I will avoid web hosts like NetCup at all cost.
    I'm willing to receive abuse reports and rectify those and also check such things never happen again, but servers getting deactivated instantly is big no no. -- I can put such hosts under "unreliable" tag on my personal list.

    Have a great day! Recommended: Namecheap | Godaddy | Cloudflare | AWS | Google Cloud | Ramnode VPS | BuyVM | OVH | Hetzner

  • Deactivating server due to abuse is fine. It is the 1st step actually or they can block ports but that's really extra step for them. So the fastest action and clear choice to prevent/lessen the damage is to shutdown the server. Then when you contact them ask to restore and that you will fix it. If you are reselling you should be responsible. You should have 24x7 support even if your provider doesn't have 24x7 support.

    IMHO when you are reselling you should have the ff:
    1. monitoring (uptime,abuse/spam, attacks/ddos)
    2. 24x7 support
    3. Offload your email and smtp services. Or you can resell something like mailcheap or mxroute. Or configure your VPS to limit the sending of emails which you can do via cpanel with plugins like configserver mail manage or you can tweak exim.
    4. Explain to your client that they cannot be big like FB with shared hosting and sending thousands of email in a short time. Explain to them about IP reputation and Anti-Spam.

  • If you are reselling and one of your "clients" is causing problems for you, you hold the rights to suspend or terminate the account.

    Similarly, since you are a "client" of netcup.de, they hold the rights to suspend or terminate your server if for the abuse.

    Sounds like you abused their system a lot... Deactivating the server is very mild. You should thank them instead.

    Don't be so serious. It's just a forum. No one cares what you think anyway.

  • fpmagicfpmagic Member
    edited August 2019

    I agree with the sentiment of Netcup here. If you can't monitor your email flow and detect anomalies then that's your problem (using shit software that sets up a whole system like clownPanel isn't an excuse). You ask for a couple of hours but this could easily mean tens of thousands more spam email flow, which risks your neighbours running non-clownpanel systems being effected by RBL blocks etc.. and IP reputation issues across the assigned netblock.

    Personally I think port 25 should outbound should be disabled by default - iirc Vultr does this. You have to explicit request it be open and agree to some very clear in your face terms.

    Thanked by 3AuroraZ uptime ITLabs
Sign In or Register to comment.