spam, what to do:)

My question is this. The company I work for has a no spam policy.
Sometimes users do and of course we shut them off. My own feelings asside
its what is considered proper in the isp community so we do it with out
question. However, what is the best policy and procedure to prevent
people from spamming in the first place and secondly if they do and get
terminated fix the damage done. I have no desire to support spam or
enable spammers but there are bad users and sometimes they do. Any
positive advise on dealing with these guys above just turning them off
would be helpful.

Id post this to a different list.. NANOG has hashed spam to death
and its really no longer the place to post about it.

That aside....

I'd set a policy and put it in your AUP, there is some legal
exposure for not doing that.

I'd also enforce your AUP equally each time, and you may wish
to put a "SPAM Termination Fee" as a liquidated damages statement.
Make it large enough to deter, and worth wild going after them if
they abuse or damage your network addresses...

precious little IP life forms.... to the tune of Data singing..


Well we do have a no spam policy listed on the web site and we do stick
to it, its not there just for looks. I like the idea though of a
termination fee, good idea!

1. Make sure you have accurate billing information on them, a good
credit card, a phone number you've actually called them back on, that
sort of thing.

2. Make it clear you'll charge some clean-up fee for spamming billed
at $250/hour 4hr minimum.

the first item is most important, spammers thrive on anonymity
(actually, fraudulent identity), if they feel your procedures don't
allow them anonymity/fraud they'll go somewhere else.