free web hosting

I received a spam complaint from my upstream provider, citing the IP of the same customer machine which was already rooted twice. Needless to say, this didn't make me very happy. Upon further examination, the mail header revealed the domain used to propagate the spam. Exim will tell you in the header, which domain invoked apache (presumably through CGI or PHP) to send the email, which is revealed in the "envelope-from" field. Thank goodness!

The domain turned out to be one used for free web hosting. I immediately changed our customer agreement to disallow free hosting on our network. Despite foolishness from my client, citing that the signup script for free hosting was "broken," there were still several websites behind the same domain which appeared to be freely hosted (they had ads at the bottom of the sites, etc.). For all I know, my client could have been the one who broke the signup script, who knows.