What is Complaint notification

Overview

A Complaint Notification is an official message indicating a potential violation originating from your service. This notification may be initiated either by a third party or detected and initiated by INTROSERV itself through our monitoring systems.

Such complaints may involve (but are not limited to) spam, abusive traffic, DDoS activity, phishing, unauthorized content, malware distribution, copyright infringement, and other violations of the Acceptable Use Policy. INTROSERV is required to forward these notifications to customers and request timely action.

Sources of Complaints

Complaint Notifications may be submitted by:

INTROSERV's Abuse Department
Data centers and upstream providers
Abuse departments of infrastructure partners
Copyright owners (DMCA)
CERT and security organizations
External monitoring services
Individual users reporting incidents

Info: External sources may monitor network activity and inform INTROSERV about detected violations.

Importance of Timely Response

Responding promptly is mandatory. All services must comply with the Acceptable Use Policy. Unresolved complaints may lead to:

IP address suspension
Traffic restrictions
Temporary service suspension
Termination of the affected service
Account reputation impact

How Customers Receive Complaint Notifications

INTROSERV delivers Complaint Notifications through:

A support ticket (primary channel, visible in the Client Area until resolved)
Email notification linked to the ticket

Info: The original complaint text is forwarded without modification. Notifications are forwarded as soon as they are received and processed by the Abuse Department.

Structure of a Complaint Notification

A typical notification includes:

Date and time of the report
Source of the complaint
Affected IP address or service
Description of the violation
Evidence provided by the reporting party
Required actions
Deadline for response (usually specified in hours)

Example Notification:

Ticket ID: #123456 Date: 2025-12-07 14:30 UTC Source: Monitoring system Affected IP: 192.0.2.45 Violation: Spam/Phishing Activity Description: Multiple phishing emails sent from this IP Action Required: Immediate action required. Stop mail service or block outgoing SMTP Deadline: Immediate (IP address will be blocked by support)

Internal Processing

The INTROSERV Abuse Department reviews each incoming complaint.
The notification is forwarded to the customer.
The customer is responsible for resolving the issue on their server.
INTROSERV confirms the resolution to the reporting third party when required.
INTROSERV does not access or modify customer systems. The customer is fully responsible for all activities performed from their server, including actions of third parties resulting from compromised accounts or outdated software.

Required Customer Actions

Upon receiving a Complaint Notification, the customer must:

Review the complaint details.
Inspect the affected server or IP address.
Identify the cause (malware, compromised account, outdated software, misconfiguration).
If necessary, immediately apply temporary mitigation measures (for example, disable services, block ports, suspend outgoing mail) until the root cause is resolved.
Resolve the issue: Remove malicious files; Terminate unwanted processes; Update software or CMS components; Restrict unauthorized access; Secure credentials.
Provide a detailed description in the support ticket of all actions taken to resolve the issue.
Monitor the service to avoid recurrence.

Response Time

Standard response time: within 12-24 hours. High-severity complaints may require immediate action. The response deadline is defined in the complaint. Failure to respond within the required timeframe may trigger service restrictions.

Consequences of Non-Compliance

Ignoring a Complaint Notification may result in:

IP-level suspension
Traffic filtering
Temporary suspension of the entire service
Permanent service termination in repeated cases

Prevention Recommendations

Server Hardening

Keep software, CMS, plugins, and operating systems updated.
Use strong passwords and disable unused services.
Limit access to SSH/RDP and use firewall rules.

Active Monitoring

Enable and review logs regularly.
Monitor traffic and resource usage.
Set up alerts for suspicious activity.

Content Policy Compliance

Do not host illegal or unlicensed content.
Ensure hosted applications comply with the Acceptable Use Policy.

Troubleshooting and Common Scenarios

If You Cannot Identify the Violation

If you do not immediately know what caused the complaint, contact the INTROSERV's support without delay. Provide server logs, access history, and any relevant technical details. The support team can offer guidance to help identify the issue and establish a resolution timeline.

If You Believe the Complaint Is Incorrect

You may appeal a complaint if you believe it was submitted in error. Provide evidence and documentation in the same support ticket, explaining why you believe the complaint was incorrect.

If Your Server Was Compromised

If you discover that your server was compromised during the investigation, take immediate action:

Revoke all compromised credentials
Remove unauthorized access points
Patch all known vulnerabilities
Scan for malware and remove detected threats
Review access logs for attacker activity
Restore from clean backups if necessary

Tip: Document every step of the remediation process and submit detailed evidence in the support ticket.

Typical Resolution Timeline

Resolution speed depends on the severity and complexity of the violation. Standard violations can typically be resolved within 12-24 hours. High-severity incidents such as active DDoS attacks, malware distribution, or ongoing spam campaigns may require immediate action to prevent further damage or escalation.

Summary

Complaint Notifications indicate activities that violate network or content policies. They require prompt investigation and resolution. Timely response helps maintain service availability and protect account reputation.