Back to home
Legal

Acceptable Use Policy

Rules for lawful, safe, and acceptable use of Amherst Systems services, including abuse, spam, malware, DDoS activity, and enforcement.

Effective date: March 24, 2026
Last updated: March 24, 2026

1. Overview

This Acceptable Use Policy applies to all Amherst Systems services, including VPS hosting, dedicated servers, DDoS protection, and system administration engagements.

This Policy is part of our Terms of Service. Violations may result in immediate enforcement action, including suspension, null-routing, traffic filtering, service restrictions, termination, additional charges, and referral to law enforcement where appropriate.

This Policy is not exhaustive. We may take action against activity that creates legal, operational, abuse, security, reputational, or infrastructure risk even if that activity is not listed below.

2. Your responsibility

You are responsible for all activity originating from, routed through, hosted on, or otherwise associated with your services, whether that activity is carried out by you, your users, your customers, your agents, or an unauthorized third party that gained access to your systems.

If your systems are compromised, misconfigured, or abused, you are still responsible for promptly remediating the issue.

3. Prohibited activity

You may not use the services to engage in, facilitate, promote, or support any unlawful, harmful, abusive, deceptive, or infringing activity.

3.1 Illegal conduct and rights violations

Prohibited activity includes:

  • violating applicable law or regulation;
  • hosting, distributing, or facilitating unlawful content;
  • infringing intellectual property rights;
  • trafficking in piracy tools or unlawful circumvention tools; and
  • using the services in connection with fraud, scams, or deceptive commercial activity.

3.2 Malware, botnets, and exploit delivery

You may not host, distribute, operate, or facilitate:

  • malware, ransomware, spyware, worms, trojans, rootkits, credential stealers, malicious droppers, or similar malicious code;
  • botnet command-and-control systems;
  • exploit kits, payload delivery infrastructure, or malicious update systems; or
  • infrastructure designed to compromise, persist on, or exfiltrate data from third-party systems.

3.3 Phishing, impersonation, and fraud

You may not use the services for:

  • phishing pages or credential-harvesting systems;
  • fake login portals;
  • business email compromise;
  • impersonation of individuals, companies, or brands; or
  • deceptive identity misrepresentation intended to mislead or defraud.

3.4 Spam and unsolicited messaging

You may not send, relay, facilitate, or support:

  • unsolicited bulk email;
  • unsolicited bulk messaging;
  • snowshoe spam or evasion-based spam techniques;
  • open relays or abuse-friendly forwarding systems; or
  • campaigns using contact lists obtained without valid permission.

3.5 Unauthorized access and abusive scanning

You may not:

  • gain or attempt to gain unauthorized access to any system, network, or account;
  • perform brute-force attacks, credential stuffing, or password spraying;
  • probe, scan, or test third-party systems without explicit authorization;
  • exploit vulnerabilities in third-party systems; or
  • operate infrastructure targeting third-party systems for intrusion, persistence, or exploitation.

3.6 DDoS abuse and traffic laundering

You may not:

  • launch, participate in, or facilitate denial-of-service attacks;
  • operate or support booter, stresser, or DDoS-for-hire services;
  • use our services to relay, disguise, re-originate, amplify, or launder attack traffic;
  • evade mitigation, filtering, or abuse controls; or
  • use DDoS mitigation services in a manner that creates unreasonable or abusive traffic patterns for upstreams, our network, or other customers.

3.7 Resource abuse and infrastructure risk

You may not use the services in a way that materially threatens stability, integrity, or availability, including through:

  • deliberate flooding or saturation;
  • uncontrolled packet generation;
  • abusive network protocols or traffic patterns;
  • persistent extreme resource consumption that harms shared infrastructure; or
  • other usage that unreasonably degrades service for Amherst Systems or other customers.

Cryptomining and other unusually compute-intensive workloads are allowed only if we have expressly approved them in writing for the relevant service.

3.8 VPN and proxy services

VPN, proxy, and relay services are not prohibited by default. However, they are subject to heightened scrutiny and may be suspended or terminated if they generate repeated abuse reports, facilitate prohibited conduct, create upstream risk, or interfere with investigations.

4. Enforcement

We may take any action we reasonably consider necessary to protect Amherst Systems, our providers, our customers, or the public. Enforcement actions may include:

  • immediate suspension or termination;
  • null-routing;
  • filtering, blocking, or rate limiting;
  • disabling access to content, services, ports, or protocols;
  • requiring remediation, patches, credential resets, or configuration changes; and
  • preserving evidence and responding to lawful requests.

We are not required to provide advance notice, a grace period, or an opportunity to cure before acting.

5. Abuse reports

Abuse reports should be sent to abuse@amherst.systems.

When possible, include:

  • affected IP address or hostname;
  • date and time with timezone;
  • logs, headers, packet captures, or other supporting evidence;
  • a description of the issue; and
  • your contact information.

6. Upstream charges and administrative fees

If upstream providers, carriers, or other third parties impose charges, penalties, or fees on Amherst Systems due to your activity or activity associated with your services, we may pass those amounts through to you and add a 25% administrative fee.

7. Cooperation requirements

You must respond promptly to abuse complaints, security inquiries, and remediation requests related to your services. Failure to cooperate may result in immediate suspension or termination.

8. Law enforcement and legal process

We may preserve logs, records, and other evidence and may cooperate with law enforcement, regulators, courts, or other authorities where legally required or permitted.

9. Changes to this Policy

We may update this Acceptable Use Policy from time to time by posting a revised version. Changes take effect when posted unless a later date is stated.

10. Contact

Abuse: abuse@amherst.systems
General: contact@amherst.systems