Standard Operating Procedure for dealing with email abuse or hacked email accounts

[ruzbehraja]

I was wondering what SOPs other web hosting companies follow when dealing with a client who is indulging in abuse of the email services (by sending out spam) or neglecting to fix a script or vulnerability on their website.

• Do you suspend the entire account or do you simply disable the specific email account login?
• Do you allow them to view incoming mail?
• Do you reset their password(s)?
• Do you remove the files/scripts from their account? or quarantine them? or change their permissions?
• Do you charge them a service fee or penalty for abuse of services? if yes, then how much?
• How do you deal with repeat abusers? Do you simply terminate their account?
• If your IP gets blacklisted or greylisted do you charge them an additional fee?
• Is there a specific way or method by which you contact them to inform them about it?

It would be interesting to know how various web hosts deal with this, considering the growing number of stolen password and email accounts being compromised.

 

[cPanelMichael]

Hello,

You may receive more user-feedback to this question on a forum such as WebHostingTalk, as it's a question better answered by other hosting providers.

You may also find this document helpful:

How to Prevent Email Abuse - cPanel Knowledge Base - cPanel Documentation

Thank you.