ZiaSpace Hosting Acceptable Use Policy
If it were up to us our Acceptable Use Policy would be as simple as this: use common sense. However, the aphorisms about common sense are true, so we will enumerate aspects of our Acceptable Use Policy.
I. You are who you are. In all instances you are who you are. Attempts to act in any way as though you're someone else are not acceptable. For example, spoofed source packets (unless you own the IP or range of IPs which are in the source), false reverse DNS, HELO / EHLO using names which do not belong to you, and web sites hosted by you which are confusingly similar to those belonging to others (satire, of course, is always fine) are all unacceptable.
II. No resource deprivation. Actions which could be construed as attempts at resource deprivation are not acceptable. This includes network flooding, email bombing, or rapid resource requests which overwhelm any server which is not yours. This can be a bit subjective, of course, since spidering a dynamic site which is hosted on a slow server could be considered resource deprivation, but again we ask for the application of common sense: if the site is still accessible but slow, there is no problem (after all, nobody can run services on the Internet while reasonably expecting to dictate the frequency or kind of visitors). However, if someone asks for such actions to be slowed, a reasonable attempt should be made to honor such requests in the interest of being good Internet citizens.
III. No unsolicited email. There are many different definitions of spam or unsolicited email, but ours is pretty simple. Any message (be it email, a posting on a weblog or forum, Usenet posting, et cetera) which is outside of the context of the source of the email address or the location of the posting is considered unsolicited and is not acceptable. This includes but is not limited to messages sent to purchased email addresses, use of email addresses which are publicly available but which are not being used in the context for which they are made public, or facilitating or permitting sending of messages by another party. As an example regarding context, people who post in a web forum that they wish to purchase memory for an older computer would never reasonably expect to be contacted by anyone selling medicine, just as a web page with an info@ email address was not put there to accept solicitations to buy Viagra. While subjective, the grey area is not large.
IV. No attempts at unauthorized access. Any attempts, be they individual attempts or automated, to intrude in any way into any system where the administrator has a reasonable expectation of security are not only unacceptable but are most likely illegal. This includes attempts at gaining access to password protected web locations, weblogs, FTP servers, email accounts, shell accounts et cetera. Exceptions are made for intrusion attempts which are part of authorized security audits, defense and mitigation of attacks from third parties, and attempts to gain control of resources which are being used for illegal and nefarious purposes (such as servers hosting phishing sites, servers being used for intrusion attempts and any instance where servers are compromised and are being used by unauthorized third parties). Any intrusions into compromised servers to mitigate attacks or illegal activities shall take every effort to protect the original content of the server and to do as little harm as possible outside of that done to the unauthorized intruder.
V. Remedies. All attempts will be made to contact anyone violating these policies before any action is taken on our part. However, in the case of behavior which may or will be damaging to our network, our services or our reputation, we will, at our discretion, block such behavior until actions can be taken to stop the behavior at the source. For instance, if a server is spewing thousands of spam messages, we will not wait but will block all outgoing port 25 access immediately because the harm to the reputation of our network clearly outweighs the loss of the ability to deliver email temporarily. We will always be reasonable regarding this blocking and will attempt to minimize any impact to other services. At no time will blocking or disconnection of an infected server be considered a performance failure with regards to our SLA.