ایمیل از xlhost مبنی بر تخلف

[Aria]

سلام.

اینقدر ناراحت شدم از این حرکت که لازم دیدم دو نمونه از روش report دادن صحیح به صاحب سرور رو به شما نشون بدم.

1. گزارشی که ThePlanet به خود من داد، در مورد یکی از سایت های مشتری هام.

کد:

Dear Customer,

The Planet or its upstream providers has received a complaint related to a probable violation of the Acceptable Use Policy (AUP). We are forwarding a sample of the reports, requesting that you take appropriate measures to address the issue.

For general reference regarding The Planet's stance on abuse, refer to:
http://www.theplanet.com/about-us/legal.asp

Please direct any questions regarding this specific issue directly in this ticket, or open a new ticket if you are unable to update this ticket due to being logged in on a different user account.

This server is in violation of our AUP by way of suspected DDOS activity. Please investigate, resolve the issue, and update this ticket with your actions, referencing the attached reports for details. Thank you in advance for your time, efforts, and cooperation.


Regards
Christina
Abuse Department
The Planet

2008-12-22 10:31:17 174.133.211.115 ddosreport category: botweb
url: http://www.dat****ers.com/r.php 

2. نمونه ای از گزارشی که دیتاسنتر خودمون از بخش Abuse Investigation به من دادن در مورد یکی دیگه از سایت های روی سرور خودم:

کد:

Dear Aria
We receive the following, spam related abuse report concerning your server at 72.18.1xx.xxx / ***x.ariaservers.com. This site has been hacked and is hosting a phishing URL. We areforwarding this abuse report onto you for your immeadeate action. Please find the relevant portions of the abuse report below.


[ SpamCop V4.6.0.028 ]
This message is brief for your comfort. Please use links below for details.

Spamvertised web site: http://www.p***n.com/catalog/auth.htm
http://www.spamcop.net/w3m?i=z45310617xxxxxxxb5df6e6710102724cfz
http://www.p***n.com/catalog/auth.htm is 64.27.53.xxx; Thu, 10 Sep 2009 18:06:23 GMT

[ Offending message ]
Return-Path: <nobody@server.mydominum.com>
X-Original-To: x
Delivered-To: x
Received: from mac3.swid.co.uk (localhost [127.0.0.1])
by mac3.swid.co.uk (Postfix) with ESMTP id 0FEB43C117FF
for <x>; Thu, 10 Sep 2009 18:12:08 +0100 (BST)
Received: from server.mydominum.com (server.mydominum.com [99.198.112.122])
by mac3.swid.co.uk (Postfix) with ESMTPS id DAD7C3C117FE
for <x>; Thu, 10 Sep 2009 18:12:07 +0100 (BST)
Received: from nobody by server.mydominum.com with local (Exim 4.69)
(envelope-from <nobody@server.mydominum.com>)
id 1MlnBh-0002uw-OA
for x; Thu, 10 Sep 2009 12:12:01 -0500
To: x
Subject: Stay Secure And Safe Online
From: Alliance & Leicester Bank <email.info@alliance-leicester.co.uk>
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <E1Ml_________w-OA@server.mydominum.com>
Date: Thu, 10 Sep 2009 12:12:01 -0500
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server.mydominum.com
X-AntiAbuse: Original Domain - swid.co.uk
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12]
X-AntiAbuse: Sender Address Domain - server.mydominum.com
X-Virus-Scanned: ClamAV using ClamSMTP

Dear Valued Customer,<br><br>
<span class="yshortcuts" id="lw_1250689922_0">Alliance & Leicester Bank</span> has been receiving complaints from our <br>customers for unauthorized use of the <span class="yshortcuts" id="lw_1250689922_1">Alliance & Leicester</span> Online <br>accounts. Click the link below to avoid service interruption.<br><a rel="nofollow" target="_blank" href="http://www.downmusic.net/mp3/wp-content/plugins/xinha4wp/xinha_core/alliance-leicester.html"><u style="color: rgb(51, 51, 255);"><br></u></a><u style="color: rgb(51, 51, 255);"><a rel="nofollow" target="_blank" href="http://"><span style="background-color: rgb(255, 255, 191);"></span></a></u></font><a rel="nofollow" style="background-color: rgb(255, 255, 191);" target="_blank" href="http://"><u><font color="#000000"></font></u></a><u><font color="#000000"><a rel="nofollow" target="_blank"href="http://www.p***n.com/catalog/auth.htm"><u style="color: rgb(51, 51, 255);">Stay Secure And Safe Online</u></a></font></u><font color="#00000
0"><a rel="nofollow" target="_blank" href="http://www.p***n.com/catalog/auth.htm"><u style="color: rgb(51, 51, 255);"></u></a><u style="color: rgb(51, 51, 255);"><a rel="nofollow"><span style="background-color: rgb(255, 255, 191);"></span></a></u><u style="color: rgb(51, 51, 255);">


Thanks,

Larry C
Abuse Investigation Department

ببینید، اکثر کاربران این انجمن، متخصص هستند و روز اولشون نیست که دارن سرویس میگیرن و با شرکت های خارجی کار می کنند!

بهتره جواب درستی از XLHost شنیده بشه.

در ضمن، از این دوستمون که بهشون ایراد گرفتن، اگر سرور ویندوز هست، مشخصات Remote Desktop رو برای من Private message کن و یک ساعت به من وقت بده تا تمام شواهد رو حاظر کنم و اینجا واسه همه بزارم !

من یکی قاطی کردم ... شما رو نمی دونم ....!!!!

با تشکر.