All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Mass Mailing or NOT
I use a number of suppliers for various low end boxes. I have quite a few customers who are sick of SPAM so I run custom mail filter boxes. These basically run Spamassassin, Amavis Clamd Postfix etc. They accept mail for pre-defined mailboxes for my clients domains, scan the mail and then deliver it to the clients mail server if it is free of SPAM or deemed legitimate. There is no SPAMMING.
Recently several suppliers have shifted gear and are taking drasatic action over VPS that handle mail.
URpad, is one of them who basically blocked port 25 on entire networks. They then wanted justification to open it, only to find that that some RBL's had net-blocks on their networks.
Now I have other suppliers who are suspending services, because of what they deem as SPAM or bulk mail.
None of them are able to produce any evidence of SPAM, but some have clearly disliked the fact that that the VPS sometimes, sends in the order of 100 per minute. This is is peak and happens in less that 1% of occasions. 99% of the time they process about 1 email every 5 seconds.
There are all private emails, not mail lists, and the configuration locks down any open relay attempts.
So my question is, what is Mass Mail. It seems many suppliers have a loose definition their TOS, so may deem that 10 emails in one minute is mass mailing and cause for suspension.
So whats your opinion?
Comments
If they receive abuse they might want to take action to avoid their IPs to end up blacklisted and their company considered a Spam heaver.
If they don't receive abuse notices, I wouldn't believe that they actively monitor what's going on on port 25 but who knows.
We monitor also and have alarms based on a few factors, but never suspend automatically, a human looks into it each time.
Also, once a day, the traffic is added up and a list of top mailers is compiled so we look for the IPs in blocklists. If there is high mail activity and they are blocked, we suspend in order to terminate for new customers and suspend+warn the old in order to force them to reinstall as this is probably a breach. Very old and trusted customers which we are sure they know what they are doing, receive a warning only, unless the spam is really bad in which case we block the port but do not suspend still.
One provider defines Mass Mailing as any mail " that you would provide to third parties".
Only personal use is allowed, this means literally personal/casual use (receive/send personal email, no bursts, no mail processing of any kind. I assume this means a maximum of one mailbox per VPS.
Breach of this violates the TOS.
Their right, not that there is not a large choice of providers.
If some wish to ban non-christians or porn, or images of bottles, again, their choice, customers have their choice too.
Sure. Many of these providers also sell VPS for cPanel Hosting but the TOS is the same. How is it practical to only allow one mailbox, which would already be the root account.
I dont think personal means one mailbox. I have in my company's email 4-5 ones only for me, others for other people.
I think they wish to block reselling as we do, this usually means a lot of abuse and the reseller washes his hands "a customer did it". We do not specifically forbid reselling as this is impossible to check without going in, and even then, but we do not accept any BS about someone else did, it is your responsibility, in your name, we do not get money from your customers or friends.
So, we offer rage4 accounts to our customers in certain conditions, for personal use, but we cannot see if they are used for other purposes, so if we see 100 domains there with millions of hits each, it means the contract is breached. Probably they try to limit emailing to sane levels, you do not send 100 emails a minute for your own needs.
We consider it as mass mailing when the customer sends more than 75 emails per hour or 30 emails per minute, or if we have signs that the customer email traffic is not for an small personal/corporate mail server or a few transactional emails.
We have this process automated to block spammers and abusers. All traffic on TCP/25 is analyzed in real time and if any IP surpasses those thresholds, the port TCP/25 is automatically blocked on that IP.
Lots of valid points. As a VPS provider I can understand the headaches it causes. Your ignorant clients running mail server would easily end up having your IP on an RBL etc. Then there is the issue of getting them to take ownership. All the overhead and costs you incur then to get your IP removed removed and back under control.
On the other hand it makes it real tough for the client.
For instance, I buy VPS to run services on for my clients. Many of them are small businesses and a cPanel server to host 30-40 domains makes reasonable sense.
So of the many suppliers who participate on this board, which one could offer me that?
Keep in mind that my clients average around 10 email accounts and would like to send and receive email whenever they require it. Combined traffic, this may exceed 30 email per minute, and you risk suspension under the TOS.
I would need to control each client to make sure they don't send/receive more than 1 email every 10 minute?
So If I put a post up such as http://www.lowendtalk.com/discussion/13201/looking-for-cpanel-vps I wonder how many offers I would get from suppliers who know full well that their TOS prohibits it in practicality.
Most of the time if you are upfront with your provider before purchasing, they will be a lot more lenient and possibly whitelist your server. It's more the people who signup, blast a ton of mail with no notice that cause the issues.
Our thresholds are applied on a general basis, and they should fit for 99% of our customers, since our vps servers are intended for personal or small business usage.
But we're always open to whitelist a certain customer if he points a legit reason for sending non bulk email that doesn't fit in our general limits, like the case you pointed.
That's fair enough I guess
Well, the first problem is that what you say here is the same thing that spammers say all the time.
Why focus on the numbers? The real issue with spam is about the (lack of a) relationship between the sender and the receiver. What legitimate reason is there to send an email every 5 seconds? What other channels might better be used to communicate the same information?
You don't need port 25 to spam or not spam,
But you need to be able to talk to external port 25 to send them emails, and that's what we limit/block, outgoing traffic towards any port 25, not local port 25.
The numbers matter because in most cases, spammers send a crazy amount of email, to take advantage before the server they're using is suspended.
Or the IP is blacklisted, whatever comes first.
Right, but the problem still is not the number, but the nature of the emails. Even one message to a honeypot could get an IP blacklisted. The solution, if there is a good one, relies on looking beyond the numbers to the relationship between the sender and receiver. Email isn't a particularly great protocol for establishing that sort of "peering" relationship, though, so I'm not sure there will ever be a good solution to the problem.
Sadly there is no magic solution to address this issue. This is just another layer to try to keep away the bad guys. Combined with a manual customer account validation, a proactive monitoring from our noc (eg. detecting abnormal email traffic volume), and other security measures, at least we're able to take action if anything happens.
As I was and am a "nearly no care required" customer at VPSDime, they opened port 25 on their 7$/y special for me (it's normally blocked for that special). Went fast and got a great, cheap mail server since quite some months.
No you don't understand, when I say email every 5 seconds, this is cumulative, ie the total amount the server is sending which is supporting multiple mailboxes for multiple domains, not per mailbox.
>
But when you accuse someone, you should back it with some evidence. I offer for them to examine the mail logs, they can see exactly what is happening.
My issue with urPad was that they found themselves on an RBL as part of a netblock.
So, sure there is a reason why they ended up on the RBL. But then to go and accuse ALL 253 customers who have a VPS in that /24 network is not fair enough in my opinion.
I get what you're saying, but you have to understand it from the reverse perspective. You have a LEB that, for some unexplained reason, is sending out thousands of emails daily. It might not be worth the effort to figure out whether or not your usage is legit. By way of contrast, I also have a LEB with a mail server running on it for multiple domains, at worst it might send out a dozen emails in a day, it will almost always receive a greater number than it sends, and so I've had no issues with my provider (who I would assume is monitoring traffic on port 25, but I really have no idea because I have zero reason to care).
Spammers deny they spam, and then they deny the evidence of spamming. If you're not a spammer, you need to stop taking actions that are right out of a spammers playbook. It just isn't worth it to the provider to do what you say. You might assume you're legit, but nobody else knows anything about the emails you're sending.
Then you're free to go with a more understanding provider. And, to be clear, them locking down their network is not the same as accusing you (or anyone else) of spamming. All they're asking to open it back up is a little information on why you're sending out emails. It should be an easy thing to explain if you're doing something legit.
I have to admit I have a pretty broad term covering bulk mailing but that is because 999 times out of 1000 people that get a VPS specifically for mail related activities really don't know what they are doing and this helps prevent that/ IP issues, fair? probably not, necessarily? you bet!
If you approached me with details of how you wanted to use the servers in advance it would be apparent you know what you are doing and it is a genuine use case so that would be allowed and any punishments waived.
Hosts are ran by people not terms and conditions, sometimes you need to understand that first.
I hear what you are saying, I slipped my mind that this board of for LEB's, and you looking at it from a LEB providers point of view. I would imagine you are always be dealing with excessive CPU use or high disk io requests, installation/configuration issues, getting hacked etc.
Just to clear the air,
I am not a spammer. I wrote the software which is a SPAM filter service that runs on Ubuntu, and it is very effective. Unfortunately, it will receive mail on port 25 and then forward mail (not necessarily on port 25). Since it uses little resources, its will run very well on a 1GRAM VPS for 30-40 domains. I wont say its impossible, but the chances of it actually sending any SPAM are very little as you cannot relay from it, and outbound mail is only destined to the IP address of the domains real mail server. This is further locked down with iptables. My clients love it because their inboxes are clean.
So how much mail does it process?, It's difficult to dictate how much much mail is considered reasonable.
but its really no different to a cPanel VPS Server with say 30-40 domains on it. Only with cPanel you have the added risk of relaying mail.