youre in violation of the AUP is the primary point, sales pitch being secondary.
Normally I would prefer to say "We have your service address, you let us into your business, you are bothering us, we have pictures from the install to identify the flammable shit, our operations manager happens to be a fucking arsonist, like the type that has no problem burning a house down with a family in it and you are just a business that is closed, do you really think we wont come burn your joint to the ground? we will put an gas can in your bedroom, Insurance doesnt pay for arson, you will be made pretty in prison. BTW, we sell Fortigate" That is much more concise and to the point :-) On Thu, Apr 28, 2016 at 12:51 AM, Eric Kuhnke <eric.kuh...@gmail.com> wrote: > I would make that whole thing about 1/3 the length, and not put a sales > pitch in the same email as a "You are in violation of AUP" stuff. > > > > > On Wed, Apr 27, 2016 at 10:46 PM, That One Guy /sarcasm < > thatoneguyst...@gmail.com> wrote: > >> is it too obvious this is a sales pitch for a managed Fortigate? >> >> Since installation of your internet service, we, as an Internet Service >> Provider, have received an abnormal number of reports of abusive activity >> emanating from your service connection. The complaints are primarily spam >> emails and "brute force" attempts to penetrate multiple secured networks. >> In all likelihood there are one or more devices behind your router that >> have been victimized by malware in one form or another. If you are offering >> public access to the internet via your internet connection, while >> technically a violation of our Acceptable use policy, we tend to give a >> good deal of leniency to businesses such as yours, up until the point we >> begin to continually receive complaints associated with your connection. >> However, given the nature of the complaints tied to your IP address (the >> publicly visible identifier of your connection) we do have to address this >> issue, as the volume of the reports at this point has exceeded a threshold >> that we are able to ignore. Eventually this will result in our public >> reputation as a service provider being one that allows malicious, and >> potentially illegal activity from our customer base, this can result in all >> our customers experiencing issues with things such as undeliverable emails >> and restricted access to common internet destinations. >> We prefer to not have to enforce our Acceptable Use Policies and a >> component of out Terms of Service that we require all our customers to >> agree to as part of our service contract, however, at this point we must >> resolve the current issue to avoid this. >> We request that you review your internal network, for any devices that >> may be housing malicious software. We recommend at minimum, utilizing >> programs such as Malware bytes AntiMalware as well as any of the multitude >> of commercially available Antivirus Solutions. We do also recommend the >> implementation of a quality hardware Unified Threat Management (UTM) >> solution to manage all traffic from your connection. We primarily utilize a >> Fortigate brand solution, but there are many other cost effective hardware >> firewall solutions that off a Quality UTM product. >> Please address this issue at your earliest convenience. As prior stated, >> we do prefer to not have to enforce the components of our Terms of Service >> that all our customers agree to, but we have reached an impasse due to the >> high volume of complaints we have received regarding your connection. If >> you have any questions regarding this matter, feel free to communicate with >> us directly via our customer portal or by utilizing our customer service >> solutions available via telephone during normal business hours >> >> On Thu, Apr 28, 2016 at 12:20 AM, That One Guy /sarcasm < >> thatoneguyst...@gmail.com> wrote: >> >>> yeah, its a bar. >>> >>> On Wed, Apr 27, 2016 at 10:32 PM, Ken Hohhof <af...@kwisp.com> wrote: >>> >>>> Did the OP state the customer was a bar? I missed that. >>>> >>>> >>>> *From:* Eric Kuhnke <eric.kuh...@gmail.com> >>>> *Sent:* Wednesday, April 27, 2016 10:19 PM >>>> *To:* af@afmug.com >>>> *Subject:* Re: [AFMUG] abuse reports on customer IPs >>>> >>>> It'll break basic functionality. At least in the Pacific Northwest I >>>> haven't run into an open coffee shop wifi (Blenz, McDonalds, Starbucks, >>>> Waves Coffee, and a dozen other competitors) that operates a default-deny >>>> filter as you describe. In fact it's even possible to torrent through 95% >>>> of them without connecting to my VPN. >>>> >>>> Even the fast food burger restaurants don't seem to have particularly >>>> restrictive firewalls in place on their free wifi (Jack in the Box, Burger >>>> King). >>>> >>>> If the bar owner referenced in the original wants to try to do that, >>>> with their own firewall, they can certainly try... But it's not the ISP's >>>> responsibility to configure the user's in-premises wifi/"last 20 meters" >>>> connection to client devices. Define a hard demarc point at "This is the >>>> 100BaseTX port to the WAN of your router, here is your ca5e cable, please >>>> let us know if you see any packet loss or downtime". >>>> >>>> Unless you have some sort of managed services division that charges >>>> extra and deals with the hassle of maintaining the end user's >>>> firewall/wifi. >>>> >>>> >>>> >>>> >>>> On Wed, Apr 27, 2016 at 8:10 PM, Ken Hohhof <af...@kwisp.com> wrote: >>>> >>>>> If this is an open WiFi hotspot, why can’t you allow basic web >>>>> browsing, POP/IMAP, and SMTP port 587 but not 25, and block everything >>>>> else? >>>>> >>>>> I often find that at hotpots I can’t use telnet, SSH, Winbox, etc. >>>>> Probably can’t connect to destination port 25 either. Heck, most regular >>>>> ISPs block destination port 25. >>>>> >>>>> Open Internet should not apply to a coffee shop hotspot, I don’t think >>>>> you are required to transport anything and everything in that situation. >>>>> >>>>> >>>>> *From:* Eric Kuhnke <eric.kuh...@gmail.com> >>>>> *Sent:* Wednesday, April 27, 2016 8:58 PM >>>>> *To:* af@afmug.com >>>>> *Subject:* Re: [AFMUG] abuse reports on customer IPs >>>>> >>>>> If it is a customer that operates a open public wifi AP like a coffee >>>>> shop, bar, restaurant, there is not a lot that you can do. Customer won't >>>>> stop running open wifi, people won't stop bringing in infected laptops. No >>>>> way to find out who has the infected laptops/devices. >>>>> >>>>> One possible solution if sufficient ARIN IP space is available is to >>>>> put all such customers in their own special swamp netblock as static >>>>> assignments. Consider that block forever sullied. >>>>> >>>>> On Wed, Apr 27, 2016 at 6:54 PM, That One Guy /sarcasm < >>>>> thatoneguyst...@gmail.com> wrote: >>>>> >>>>>> I know its bad practice, I normally enjoy turning customers off, it >>>>>> makes me feel godlike and powerful, alot of times when i get to shut one >>>>>> off i go upstairs and drag mu woman from her bed by her hair to the >>>>>> kitchen >>>>>> to make me a sammich. but for whatever reason i like this customer >>>>>> >>>>>> On Wed, Apr 27, 2016 at 5:31 PM, Eric Kuhnke <eric.kuh...@gmail.com> >>>>>> wrote: >>>>>> >>>>>>> Spam and botnet activity is far more harmful to the health of your >>>>>>> network and the IP reputation of your netblocks than anything DMCA >>>>>>> related. >>>>>>> >>>>>>> >>>>>>> torrents and DMCA notifications don't hurt the network. Knowingly >>>>>>> leaving something that is a repository of virii/worms/trojans online is >>>>>>> just bad practice. >>>>>>> >>>>>>> >>>>>>> On Wed, Apr 27, 2016 at 7:09 AM, That One Guy /sarcasm < >>>>>>> thatoneguyst...@gmail.com> wrote: >>>>>>> >>>>>>>> We have a particular customer, We have been getting tons of abuse >>>>>>>> reports on their static IP, I assume we will never be able to wash this >>>>>>>> sullied IP clean. Theyre not really doing any harm to our network, or >>>>>>>> impacting others on the network, they are in full breach of our TOS, >>>>>>>> thats >>>>>>>> for sure. suprisingly, its primarily spam and botnet activity, but no >>>>>>>> DMCA. >>>>>>>> >>>>>>>> Is there any liability on us as an ISP to not address this >>>>>>>> affirmatively with the customer. Im going to contact them, may offer a >>>>>>>> leased fortigate UTM option. But if there isnt a resolution, other than >>>>>>>> their static IP residing on every blacklist can we get nailed? >>>>>>>> >>>>>>>> Its a good customer, pays their bill on time, worked with us >>>>>>>> through a service issue without the usual "gimme discounts and free >>>>>>>> shit or >>>>>>>> im going elsewhere" I dont want to HAVE to disconnect them if im not >>>>>>>> required to and theyre not impacting others if they cant or wont >>>>>>>> resolve >>>>>>>> the issues >>>>>>>> >>>>>>>> -- >>>>>>>> If you only see yourself as part of the team but you don't see your >>>>>>>> team as part of yourself you have already failed as part of the team. >>>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> If you only see yourself as part of the team but you don't see your >>>>>> team as part of yourself you have already failed as part of the team. >>>>>> >>>>> >>>>> >>>> >>>> >>> >>> >>> >>> -- >>> If you only see yourself as part of the team but you don't see your team >>> as part of yourself you have already failed as part of the team. >>> >> >> >> >> -- >> If you only see yourself as part of the team but you don't see your team >> as part of yourself you have already failed as part of the team. >> > > -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.
