All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
VPS Spam Policies and URL Shortners
So, im seeking some advice on few things. I have a VPS hosted with X service provider, and they have the following on the terms and conditions about the spam related activities:
We take a zero tolerance stance against sending of unsolicited e-mail, bulk emailing, and spam. Any user who sends out spam will have their account suspended or terminated with or without notice. Sites advertised via SPAM (Spamvertised) may not be hosted on our servers. This provision includes, but is not limited to SPAM sent via fax, email, instant messaging, or usenet/newsgroups. No organization or entity listed in the ROKSO may be hosted on our servers. Any account which results in our IP space being blacklisted will be immediately suspended and/or terminated. X reserves the right to require changes or disable as necessary any web site, account, database, or other component that does not comply with its established policies, or to make any such modifications in an emergency at its sole discretion. X reserves the right to charge the holder of the account used to send any unsolicited e-mail a clean up fee. This cost of the clean up fee is entirely at the discretion of X.
On the VPS, i have a URL shortner site. say short.com. So a user can go get a short url of any long url to something like short.com/assdasd (which pretty much just auto redirects to the long url).
Recently, X (the vps host) has lodged a ticket on me for violating terms for spamming because someone is using the shortened url's on spam emails. X also pointed out the above terms and said to pay special attention to "Spamvertised" section.
I have nothing against X, nice company so far, and they probably will see this (you guys could probably figure out who they are anyway). I just need some advice on whether in my case, this actually violates these terms. Specially the "Spamvertised" section, does a url shortner actually breach this?
So if im in the wrong, does anyone have any other suggestions on where i can host my url shortner?
Cheers.
Comments
X = urpad
just says that in the TOS
Just to clarify, the spam emails do not originate from my server at all, and im not involved in any spam activity. Some idiot is shortening spam urls and emailing the short urls to people (spam) using their own email system.
The terms of service say 'URPad.net' so all your X's are invalid.
You might want to remove the company's name from the AUP quote.
X service provider: leaves the cost of the clean-up fee to the discretion of URPad.net
ohnoes, you found out. nah jks, im just using short names to its easier to explain lol...
Sorry, company name is hidden, (@ mods, if you dont mind removing the comments with the company name in them please). Sorry i didnt mean to actually bring attention to the Host, its within their rights to do what they want and they have a very fair terms. Again, i do recommend them, i haven't had any issues with the provider at all.
I just need some advice on my specific situation.
So a spammer is abusing your service. It will only get worse. Should you, and your provider, allow it to continue, or should someone do something now to curb it?
If your website is being used in the content of spam messages, it associates the provider with spam because your site will most likely get listed with a url blacklist like surbl.
They don't want any association with spam.
Correct. But as a URL shortner, how can I prevent this? I can't possibly actively moderate every link. Only thing we can do is to take the whole site down, or actively remove any links that are flagged as spam (which I'm happy to do).
It sucks. So, how would someone run a service like a URL shortner without being blacklisted? What can I actually do?
buy a server and colocate it.
you guys want to do all on vps...
come'on!!!
Drop $20-30 more in your monthly budget, get a dedicated server.
Open up a sales ticket and explain what the issue is to the sales department. In regards to "spamvertized", these idiots will hide affiliate/malicious URLs in a shortened URL. If you show you have an aggressive anti-abuse policy where it's blatantly obvious to submit abuse complaints versus some of these lazy spammers who will put up spam infrastructure to look like a third party but it's obvious that it's just a front.
Also something to consider: SWIP
The sales department may be more lenient if you get an ARIN POC to use for SWIP purposes.
I think that this case would be an exception to the rule, have you informed them it is simply a URL shortening service and offered to remove the link?
I completely understand the hard line on spam and spamvertised URL's but in my opinion because you are not hosting the actual destination URL, you should probably forward the abuse report on to who ever is hosting the destination URL.
The fact this is a VPS is not relevant, it is only the IP space reputation behind those rules and that would apply to a dedi and colo.
Like I said I agree with the hard line on spam but a little common sense needs to be applied to this case.
I can relate to @decay's predicament. I used to enable URL shortener on each site I setup (the shorteners weren't really intended for external use), including on a nice 4 letter, 20 year old .COM
URL Spammers attempted to hammer that hard. I disabled the shorteners (since I wasn't ready or interested to offer a commercial URL shortener) and wrote some scripts to feed their info into fail2ban/firewall and/or blacklists.
IMHO, some of the alternatives are:
1) Manual Admin approval of URLs (yep, that sucks)
2) Write a script to automatically check the "domain reputation" of submitted URLs before they can be approved.
Bottomline, I can't afford to dirty my domain names, get SEO penalty, or damage IP reputation of my providers.