OVH Community, your new community space.

The new contract for dedicated servers


macole111
04-08-2013, 13:31
That is always one of the things about OVH, auto detection then sudden suspension - even if nothing is wrong. It makes me think twice before using them for enterprise/mission critical applications.

-macole111
rickyday
04-08-2013, 08:00
Quote Originally Posted by JakeMS
That is why I am asking as to how OVH are detecting the mails,
I will start growing hair if OVH are going to disclose their spam monitoring and spam prevention measures on a public forum!
JakeMS
04-08-2013, 00:34
Quote Originally Posted by Myatu
Do keep in mind that the OVH UK and its other EU counterparts will have to adhere to the EU laws regarding that, so the US CAN-SPAM Act has zero meaning over here. EU requires explicit opt-in (Directive 2002/58/EC, Article 13). Obviously that'll be different for BHS (Canada/US).
Fair enough.

But even under that, marketing mail is allowed assuming the user has already agreed to, and still has the ability to opt out.

Although, those laws, are for the sending party to deal with (the company writing sending the mail).

What concerns me, is mostly just false detections as OVH will instantly block and suspend as soon as it thinks something is spam with no way to prove otherwise or get the server back.

False detections can happen as has been seen over the years.

Heck, you can just send a single email a friend, and it can get marked as spam the other end without it being spam.

That is why I am asking as to how OVH are detecting the mails, and how accurate it will be.

I don't want to wake up one morning and find a server suspended just because someone answered a clients email who is asking for help via support which got detected incorrectly as spam.
Andy
03-08-2013, 18:00
Same for me, it's a private password protected proxy for me. I use it in work when our overactive filtering blocks things! And at home when Youtube etc is being slow Very useful.
Tz-OVH
03-08-2013, 17:51
I run a proxy on mine, but its secured via user/pw...curious if OVH will take issue to it.
Myatu
03-08-2013, 16:37
Quote Originally Posted by JakeMS
The reason I ask is simply, emails which are in full compliance with the "CAN-SPAM Act"[1] may be incorrectly filtered as "spam" and thus the customer incorrectly suspended, with no way to get unsuspended or their get their data.
Do keep in mind that the OVH UK and its other EU counterparts will have to adhere to the EU laws regarding that, so the US CAN-SPAM Act has zero meaning over here. EU requires explicit opt-in (Directive 2002/58/EC, Article 13). Obviously that'll be different for BHS (Canada/US).
dragon2611
03-08-2013, 16:24
7.4
For security reasons, OVH reserves the po
ssibilité to proceed with the immediate suspension
without notice of any server on which would prop
dared to or without charge, an open service
to
Public Proxy, IRC, VPN, TOR, where OVH aur
is aware of misuse,
fraudulent or unlawful
Providing the Google translation didn't screw up I presume this means that whilst running a public VPN service isn't allowed that Running a VPN server for our own use is fine.

I do tend to VPN to one of my OVH boxes when on a Public hotspot/hotel Wi-fi so that my data is at least encrypted over the air.
JakeMS
03-08-2013, 00:43
Can we get a little clarification on the spam stopping measures?

I understand the need to stop spam, and I respect that, however I fear there may be false detections and as such incorrect blocking/suspending.

Would OVH be able to clarify as to how they check the emails? is it via rate of sending out? or different sending from address or?

The reason I ask is simply, emails which are in full compliance with the "CAN-SPAM Act"[1] may be incorrectly filtered as "spam" and thus the customer incorrectly suspended, with no way to get unsuspended or their get their data.

While we do not currently send any marketing email, it is still a concern for future purposes, though we take every precaution to prevent spam including by defaulting having newsletters switched off, with the customer needing to manually enable them and having dkim records, spf records, dmarc records, no relay etc.

Thanks .

[1] http://business.ftc.gov/documents/bu...guide-business
Mark1978
02-08-2013, 08:23
I've got it too and never bought more bandwidth.

My boss also got that email to his personal account and similarly has never bought additional bandwidth.
macole111
01-08-2013, 23:13
I got it and I have never ordered more bandwidth.

-macole111
K.Kode
01-08-2013, 22:24
I think that's basically because your nic handle at some point purchased additional bandwidth for a server and those offers are no longer needed / valid. Probably only relevant if you'd subscribed to an extra bandwidth package.
incipient
01-08-2013, 21:21
I am struggling to understand this. Got the bandwidth warning email today

"you have subscribed to a bandwidth option.

Our conditions of use relating to the bandwidth have changed.
You will find details of the new conditions on this page:
http://www.ovh.co.uk //dedicated_server"

which isnt even a valid url.
Trapper
01-08-2013, 17:48
Quote Originally Posted by Myatu
...I assume they'd include all the servers (new an old)...
Having already had one (possibly two) of my servers "protected" while the dDoS system was still in Alpha, I can almost guarantee that this applies to old servers as well.

It is for OVH's benefit, as well as ours to have everything protected in this way.

~Trap
Myatu
31-07-2013, 19:35
Quote Originally Posted by LawsHosting
Do we need to opt-in to this ddos system? Available on all servers, old and new?
+1 on that. From the Google Translate of the French T&Cs (below), it seems that the servers are monitored, but the protection is only activated after a certain amount of time has passed. I assume they'd include all the servers (new an old), as the new T&Cs also include the changes regarding bandwidth, which has already been applied on my old servers.

ARTICLE 9: MITIGATION (PROTECTION DOS ATTACKS AND DDOS)

OVH is implementing a protection against computer attacks DOS and DDOS (Denial of Service) and provided they are made in a massive way. This feature is intended to allow the continued operation of the Customer Service for the duration of the attack.

This feature is to check the traffic to the Customer Service and from outside the OVH network. The illegitimate qualified traffic is rejected upstream infrastructure Client, allowing legitimate users can access by Customer despite the cyberattack applications.

These safeguards can not intervene for computer attacks such qu'injection SQL Bruteforce, exploitation of security vulnerabilities etc. ...

Due to the great complexity Protection Service, OVH is not subject to an obligation of means, it is possible that the attack is not detected by the tools in place, and the tools developed do not allow the continued operation of the Service.

Depending on the nature of the attack and its complexity, OVH proceed at different levels of traffic protection to preserve its infrastructure and Customer Service.

Mitigation is activated only after the detection of the attack by OVH tools, and a minimum of 26 hours. Therefore until the activation of mitigation, the Department supports the attack frontally which can lead his unavailability.

Since the cyber attack is identified and mitigation is automatically activated, mitigation can not be disabled until the end of the period of 26 hours.

Throughout the duration of the activation of mitigation, OVH can not guarantee the accessibility client applications but will seek to limit the impact of this attack on Customer's Service and Infrastructure OVH.

If, despite the activation of mitigation, the cyber attack is likely to undermine the integrity of the infrastructure or other OVH OVH customers, OVH strengthen protective measures which may cause degradation of the Customer Service or impact availability.

Finally, it is possible that some of the data generated by the attack can not be detected by the equipment OVH and reach Customer Service traffic. The effectiveness of mitigation also depends on the configuration of the Customer's Service, as such it is up to them to verify that they have the necessary skills to ensure proper administration.

To recap, the mitigation does not exempt the Client to proceed with securing its Service, to implement security tools (firewalls ...), to regularly update its system backup its data, or to ensure the security of its computer programs (scripts, codes, etc ...).

Mitigation Option with PRO

If the customer has the use of its service pro option, new features are available.

Customer can activate and advance the mitigation of the Service, however, OVH reminds the activation of mitigation can have a direct impact on the quality of its service. Therefore, the use of mitigation must be done knowingly.

The customer can test whenever they want different protection profiles to measure the impact on the service, and so find the protection profile is best suited to this type of service on the Service. Chosen by the customer profile will be automatically used by OVH in the activation of mitigation.

The Customer may also purchase a firewall that will occur directly along the OVH network.

By default, when mitigation will be activated on the Service Client, Firewall rules are automatically applied. It is the Customer to ensure the relevance of the rules which integrates the firewall, so as not to penalize the activity during the activation of mitigation.
LawsHosting
31-07-2013, 14:06
Do we need to opt-in to this ddos system? Available on all servers, old and new?
oles@ovh.net
31-07-2013, 11:24
Hi,

Following our customers' feedback and in a general paranoid atmosphere, we have clarified two conditions in the new contract to make them as clear as possible:

1) Limitations related to KS 2013

"The 2013 OVH range is exclusively for individuals or companies residents in the European Union, Norway and Switzerland only. The Customer cannot have more than three servers of the 2013 kimsufi range simultaneously.

The OVH Kimsufi 2013 range is strictly for personal use, resale is prohibited and will result in immediate termination of concerned server(s).

The Technical Support for KS customer is defined in Article 3 and help forum is available via http://forum.ovh.co.uk/forumdisplay.php?f=23."

2) We have clarified the use of Proxy, IRC, VPN and TOR.

"7.4 For security reasons, OVH reserves the right to proceed with the immediate suspension without notice of any server that would be offered free of charge or for a fee, a public Proxy, IRC, VPN, TOR, for which OVH has knowledge of malicious, fraudulent or illicit use."

Thanks for your feedback.

More information: (UK contract will be available by the end of August)
http://www.ovh.com/fr/support/docume...dedie_2013.pdf

Best wishes,

Octave
Vmlweb
29-07-2013, 19:03
Quote Originally Posted by chostwales
Any chance we could get this in formal english considering this is the UK Forum. I've google translated it, but really needs formally written in english to fully understand it.
Tomorrow morning when the OVH UK guys can get a translation up.
chostwales
29-07-2013, 19:00
Any chance we could get this in formal english considering this is the UK Forum. I've google translated it, but really needs formally written in english to fully understand it.
oles@ovh.net
29-07-2013, 18:22
Hello,

We are updating the special conditions for dedicated servers to change the rules of use:

1- Since the introduction of anti-DDoS protection, we allow the hosting of camfrog servers on our network. We have the infrastructure to cope with these attacks whatever their sizes, types or durations. In contrast for the last few months we have had several legal matters related to the use of multiple TOR networks for paedophilia and we are now banning it as well as all anonymity systems. This increases fraudulent use of our network and number of legal requisition each month.

=> Consequence on the contract: Article 5.4 evolves.

2- We evolve ways and tools to fight against spams generated by our network. We are working on a system that blocks a spamming IP before it sends too many spams and it gets blacklisted. The work will take a few more weeks, but the contract already explains what we will do, how and when.

=> Consequence on the contract:
- Deleting provisions related to spam in Article 5.2 of the General terms and conditions
- New article 7: Measures to fight against sending spam from the OVH network

3- We have upgraded our network to 5Tbps and we have changed our bandwidth limitations per server.

=> Consequence on the contract: Deleting old Article about the bandwidth

4- Protections against attacks will be free and in BETA. The anti-DDoS service allows you to protect and improve the availability of your infrastructure.

=> Consequence on the contract: New Article 8: Mitigation (measures against the dos and ddos ​​attacks)

5- The new KS range offers personal servers. As such, resale is forbidden and there is a limitation of 3 servers per physical or legal person. For this type of use, there is no need of more such servers, otherwise the customer has to upgrade to the SP range which is now particularly accessible. Also, KS is exclusively for residents of the EU only. For all other countries, ie outside Europe, we offer SP / EG / MG / HG.

=> Consequence on the contract: Amendment article 3.4 related to Kimsufi range to add the interdiction of resale and that it is limited to EU residents only.

More information: (UK contract not ready yet, it should be implemented by the end of August)
http://www.ovh.com/fr/support/docume...dedie_2013.pdf

When logging to the manager, you will be asked to validate the new conditions, and the differences between the new and the previous contract will be displayed. The old contract will either run until the renewal date of your server and you will have to accept the new contract when you will renew it or when you log into your manager.

These measures are in place to avoid abuse, which may affect the offer for technical or economic reasons.

Best wishes,

Octave