ban url and ban email



paniza
09-05-06, 02:07 AM
Hey folks,

Sometimes I get people who, for one reason or another, are banned from the server, but 6 months later they are back because nobody remembered that the domain was banned once.

Since IPs are 99% or more dynamic, it is almost impossible for me to ban these people by banning their IP... unless you guys see something that I don't.

Anyhow, my suggestion is that we wouldn't allow orders to be created from certain domains and/or emails. This way the same banned domain or email cannot come back.

examples of bans that I mean:

1) email: [email protected]
2) domain: somedomain.com (same as *.somedomain.com)
3) email: freedomain.com (same as *@freedomain.com)
4) 216.216.55.*

Hope it makes sense and more people need it.
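
The four rule shapes listed in the post above, as an added example (not part of the original thread and not WHMCS code): an order-screening check in Python. The rule kinds, the function names and the address spammer@example.net are assumptions made for illustration.

```python
import ipaddress

# Constructed ban list using the four rule shapes from the post above.
RULES = [
    ("email", "spammer@example.net"),    # one exact address (constructed)
    ("domain", "somedomain.com"),        # ordered domain, also *.somedomain.com
    ("email_domain", "freedomain.com"),  # any *@freedomain.com
    ("ip", "216.216.55.*"),              # wildcard on whole octets
]

def _host(name):
    """Lower-case a host name and drop a trailing root dot."""
    return name.strip().lower().rstrip(".")

def _under(host, banned):
    """True for the banned domain itself or any subdomain of it.
    Comparing on a label boundary keeps 'notsomedomain.com' from matching."""
    host, banned = _host(host), _host(banned)
    return host == banned or host.endswith("." + banned)

def _ip_match(ip, pattern):
    """Match an IPv4 address against a pattern whose octets may be '*'."""
    try:
        octets = str(ipaddress.IPv4Address(ip.strip())).split(".")
    except ValueError:
        return False  # not a valid IPv4 address, so no IP rule applies
    parts = pattern.split(".")
    return len(parts) == 4 and all(p in ("*", o) for p, o in zip(parts, octets))

def check_order(email, domain, ip, rules=RULES):
    """Return the first rule an order trips, or None if it is clean."""
    address = email.strip().lower()
    local, _, mail_host = address.rpartition("@")
    for kind, value in rules:
        if kind == "email" and address == value.lower():
            return (kind, value)
        if kind == "domain" and _under(domain, value):
            return (kind, value)
        if kind == "email_domain" and local and _host(mail_host) == _host(value):
            return (kind, value)
        if kind == "ip" and _ip_match(ip, value):
            return (kind, value)
    return None
```

Returning the matched rule rather than a bare yes/no lets whoever reviews a held order see which old ban it tripped.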

paniza
09-05-06, 09:49 PM
Nobody wants to ban emails or domains.

Interesting.

Adam
09-06-06, 04:41 AM
Hey,

I think this is a great idea. However, when running my company, if I refuse a client service I keep the old files on them just for legal purposes. In WHMCS I still keep them in the system. Just change the email and add a .com to the end of it so the email will look like [email protected], in which case the banned user won't get any emails, and change his or her password. This way I have a copy of it in the WHMCS database as well as in my legal MS Access database...

From,
Adam

paniza
09-06-06, 03:20 PM
Hey Adam,

Yeah I do something similar too.

It works not bad... but, in your example, [email protected] will be able to purchase again because you just rename it to [email protected]. He wouldn't be able to purchase the same domain but would a different one.

These manual things work OK but they fail more than they should, and when you see the same old spammer sending 20,000 spams per hour from your server Saturday 4AM... you want to kick yourself... trust me. :)

We all know that my request won't stop them if they really want to, but it will stop some.

When it was just myself, it was easy to control these things... but now we have 5 people working... to remember who is good or who is bad it is a bit difficult.

And, there is always that guy that decided not to pay you once and he comes back and nobody sees him.

Cheers,

Marcelo

Patty
09-11-06, 01:18 AM
This is one of the reasons why I don't allow automatic account creation and don't offer a free trial period anymore. This is more like an open invitation for spammers and it doesn't really make any difference for real clients.

paniza
09-11-06, 02:49 PM
Hey Patty,

What you said is true... it is a potential security breach.

The thing is we had a free trial and turned it off because of the spammers. We got 75% fewer real clients in the period that it was off.

I guess that happens to us because of the nature of the market. Brazilians are quite afraid to pay for anything new because they know it is hard to get it back later on because of the laws. If you offer something with no risk to them, things move quite well.

That said, we still go back to one of my points. You get a spammer "John" today; a year later you (or that new clerk you hired) will need to remember that this "John" is the same guy that caused you some trouble a year before. To do that, you will need to have a list somewhere and match it manually... and manual means a potential security breach too.

For me, the bigger I am, the harder it gets to do these manual checks.

We are creating a few subsystems to do that kind of check right now... for me, it is easier and safer than a manual check.

Cheers,

Marcelo

Patty
09-11-06, 09:18 PM
I see your point and although I agree that some sort of ban is needed, I just don't believe it will help much, for spammers rarely would use the same email or info to register again. And IP bans are pretty much useless IMHO, since they're mostly dynamic.

I really don't know the best way to block them, except keeping an eye out for suspicious accounts and not making it easy for them to obtain an account. But that will be harder and harder to do as your business grows, it's true. We have to be extra careful all the time. :?

We keep all cancelled accounts on the system, especially the ones that registered for the trial account and never became real clients. But as far as I know, they never came back. :P