On 11/06/13 14:13, Dobbins, Roland wrote:
On Jun 11, 2013, at 6:02 AM, Dave Mill wrote:
What should we do about the customers who don't fix this issue within a reasonable time-frame once we've told them about it? Presumably, your AUP prohibits running servers on broadband connections. If so, enforce that provision.
If it doesn't, update the AUP and then enforce it.
If you don't want to prohibit servers in general, then update your AUP to prohibit running open DNS recursors and open mail relays, and then enforce those provisions.
Once you've established that a customers insecure machine is being used in an abusive or illegal fashion, rights-to-terminate are not in question. It's whether the business wants to wear the loss of revenue associated with this, when the impact from a non-technical perspective is minimal-to-nil... enforcing disconnection clauses is easy when the abuse is obvious or deliberate. It's fractionally harder to do in other cases. My comment to Dave would be roughly similar to this, though; you're protecting the reputation of your brand, your operational costs (bandwidth utilisation, etc) and preventing illegal behavior / collateral damage to victims, etc - and cost blowouts for the customer. Perhaps the threat of disconnection alone will convince your customer that it is in-fact a matter to take seriously? I for one hope that there aren't any active NZ ISPs who would take the 'it's not a big enough problem to justify cutting them off' line, but the cynic in me says there's gotta be at least a couple :( Cheers Mark