Abuse Policy

This document describes the list of possible abuses (complaints) for services leased by the Customer from the Contractor, and also describes the actions of the Contractor when they are received.

1. Abuses

1.1 In case of revealing the fact of receiving complaints (abuse) on the services leased by the Customer, the Contractor gives time to resolve this complaint (from 6 to 12 hours depending on the type of complaint).

1.2. The Contractor has the right to immediately block the ports, outgoing traffic or IP address of the service without prior notice to the Customer.

1.3. Upon the fact of blocking, the Customer receives notification of a complaint about the registration mail and agrees to respond to it within the time specified in the notification, after which he independently removes the reasons for the complaint, and also takes measures to suppress such abuses in the future, which also undertakes to notify the Contractor.

1.4. If you receive 3 (three) or more similar types of abus during one month for one of the services ordered by the Customer, access to the services will be completely blocked and / or the data stored on the account will be deleted without the possibility of recovery with or without additional notice. The exception is abuses (complaints) for spam, when the service can be blocked after the second complaint of the same nature, as well as abuses (complaints) of the nature of Botnet Controller, when the service or service is blocked instantly without the possibility of its recovery.

1.5. The list of possible complaints (abuse) and actions from the technical support of the Contractor is given below:

ABUSE NOTIFICATION: TROJAN / AbuseNormal: [clean-mx-portals] *
This complaint means that the service is sending out spam using a virus (“Trojan”).

The time given to the client for response and correction of the reasons for the complaint is 12 hours.
 
AbuseNormal: Spam complaint from UOL / Spam detected from your IP address *
This complaint means that spam is being sent from a specific IP address.

The time given to the client for response and correction of the reasons for the complaint is 12 hours.
 
AbuseNormal: SBL Notify: IP: #. #. #. # added to Spamhaus Block List (SBL) / AbuseNormal: RBL Listing Notification / AbuseAOL: Email Feedback Report for *
This complaint means that the IP address of the service is included in the SBL black list (spam is sent from this address).

The time given to the client for response and correction of the reasons for the complaint is 12 hours.

AttackOutLevel: OUT Attack notification for IP / DDOS attack from your IP *
This complaint means that through the service there is a deliberate (or not) brute force or an outgoing DoS / DDoS attack.

The time given to the client for response and correction of the reasons for the complaint is 2 hours.
 
AbuseNormal: [IP: #. #. #. #] Phishing hosted on **
This abusa means that a phishing site is located on the specified IP address. If the technical support team is satisfied that the Customer has independently posted a phishing site on the service, the service will be permanently blocked without the possibility of recovery.

The time given to the client for response and correction of the reasons for the complaint is 12 hours
 
AbuseNormal: [clean-mx-phishing] * / **
This abusa means that spam is sent through the service (usually caused by backdoor, shell, exploit).

The time given to the client for response and correction of the reasons for the complaint is 12 hours.
 
AbuseNormal: Phish redirection site on your network **
This abusa means that the service is redirected to a phishing site.
After receiving this abuse, the Customer receives a notification about this problem on the service and blocks all outgoing traffic.

The time given to the client for response and correction of the reasons for the complaint is 12 hours
 
AbuseNormal: Open recursive resolver used for an attack **
This abusa means that through the service there is an open DNS recursion.
In the event that the technical support team is satisfied that the Customer has deliberately installed malicious software on the server, the service may be permanently disabled.

In other cases those. Support of the Contractor gives up to 12 hours to correct this problem.
 
AbuseNormal: COPYRIGHT INFRINGEMENT ACTION
This abusa means that the copyright in the content of the site hosted on the service has been violated.
 
The contractor has no right to independently decide on the satisfaction of claims of third parties. A person who believes that the material posted on the Customer’s website violates the rights of that person (in particular, the rights to a trademark, trade name, other intellectual property, the name of a non-profit organization or government body), shall be entitled to file a claim only through the appropriate judicial and law enforcement authorities or competent organizations (organizations that have such rights by virtue of the nature of their activities and the contract).

This complaint is most common on such projects as: torrents, online cinemas sites, sites for selling replicas of brands, sites with adult content.

After the Contractor receives complaints from the competent authorities, the Customer will be given 12 hours to resolve the problem. If the Customer ignores this complaint, after the specified period, this resource will be blocked.
 
ABUSE: HACK ATTEMPT *
This abusa means that the site was hacked, as a rule attackers are interested in access to the mail for spamming.

The time given to the client for response and correction of the reasons for the complaint is 12 hours
 
Vulnerabilities
This abusa means that the site hosted on the Service has a number of critical vulnerabilities. It does not threaten the client with blocking the service, however it requires attention for further stable operation of the service. Also, vulnerabilities can cause the appearance of one or more Abuse species described above.


* When receiving complaints related to the sending of spam, technical support of the Contractor can block the ports responsible for sending mail, as well as block the IP address of the service by adding it to the black list.

** When receiving complaints related to phishing sites, DoS / DDoS attacks, and DNS recursions, technical support of the Contractor can block the ports responsible for accessing the service, as well as suspend outgoing traffic.

2. Spam (SPAM)

2.1. The customer is informed and understands that to organize mass email dispatches from RU-NIC’s services, he will need to provide a link to the Double Opt-In contact form or website with which the addresses for the mailing were collected / collected / collected, and the legitimacy of origin database addresses in correspondence with the support service Unihost.com.

2.2. In case of revealing the fact of spreading spam from the Customer’s resource using the Executor’s Services, the Contractor has the right to immediately block the ports responsible for sending mail or the IP address from which the sending of spam is fixed, without prior notice to the Customer.

2.3. Upon the fact of blocking, the Customer is notified of the violation on the registration mail and undertakes to eliminate the reasons for sending spam within 12 hours, and take measures to suppress such activities in the future, which also undertakes to notify the Contractor in the reply letter.

2.4. The executor recommends the customer to use the instructions for creating DKIM, SPF, as well as instructions for checking their distribution by the number of spam score points (usually the EFA filter blocks letters that received a spam score of 5 or higher).

2.5. Spam mailing cases include:

  • the dissemination by the Customer of advertising information and other materials for advertising purposes without the prior consent of the recipient, including electronic messages containing a link to the site and calling for his visit
  • entering the e-mail address into the periodic mailing lists without the prior consent of the address owner (if the subscription for receiving messages is a prerequisite for registration on the site, then the user must be explicitly notified about this before providing his data, even if the messages sent by the system describe method of removing an address from the mailing list);
  • Regular distribution of messages that do not contain a description of how to delete an address from the distribution list
  • sending messages to addresses from which requests for this were previously made;
  • Distribution by the Customer of other e-mail addresses and commercial offers of questionable nature (for example, schemes of “pyramids”, Internet earnings systems, “letters of happiness”, etc.)
  • support for conducting unsolicited mailings, linking spammy servers and subnets, technical support for servers and DNS domains that are used for this purpose.