Permission Denied, John Oxendine Style

Why on Earth would anyone believe a word John Oxendine had to say, let alone elect him governor of Georgia?

Insurance Commissioner John W. Oxendine has denied persistent rumors that he was once the subject of a corruption investigation. But newly obtained documents show that the Republican gubernatorial front-runner was indeed the focus of a state probe that was later referred to the U.S. Attorney’s office.

John Oxendine has denied that he was once the subject of a corruption investigation. I don’t know what reality he lives in, but here in the real world, truth carries more weight than words. How can you deny you were the subject of a corruption investigation, yet refuse access to the files the federal government compiled in the case?

There’s some evidence the feds also pursued the case, but Oxendine has refused the AJC’s request to authorize the newspaper’s access to any file the federal government may have compiled.

The mere fact he is denying permission to access files pertaining to the investigation completely contradicts his earlier statements that there was no investigation.

It does not take an investigation to demonstrate that John Oxendine is nothing but a liar.

Every Georgia voter needs to remember John Oxendine’s own words when they head to the voting booth on July 20th.

Let’s Retire John Oxendine From Georgia Politics

I almost forgot to mention that I heard back from Tim Echols, John Oxendine’s campaing manager, on Friday. It turns out the information from their database was shared by a “similar consultant”.


We share a similar consultant with the Sheffield campaign, and it appears that is how your name wound up in their database. Please know that I did not authorize the sharing of any list, and certainly
apologize for this happening if it occurred that way.

I do value my reputation and work hard to maintain a good name. Sorry for your trouble.

All the best,

Tim Echols

So who is the consultant?

We know that Sheffield’s campaign manager, Kathryn Ballou, is Oxendine’s former campaign manager. We also know that she stayed on to help the Oxendine campaign after she stepped down, but before she stepped in to run the Sheffield campaign. Is she the “similar consultant” Mr. Echols is referring too?

If not, how many other consultants are being shared between the two campaigns?

Speaking of John Oxendine, did you read the latest?

Ten Alabama political action committees, found last year to have funneled insurance company money to Insurance Commissioner John Oxendine’s campaign for governor, have rejected subpoenas from the Georgia State Ethics Commission.

This is bad. This is very bad. It seems two local Georgia insurance companies funneled money into multiple PACs that turned around and donated equal amounts back into the state of Georgia and candidate John Oxendine’s campaign.

Last May, The Atlanta Journal-Constitution reported that two Rome, Ga. insurance companies – State Mutual Insurance Co. and Admiral Life Insurance Co. – sent checks to the 10 PACS. The insurance companies are both headed by the same CEO, Delos “Dee” Yancey III. The PACs are administered by the son of Donald V. Watkins, the head of the bank who also sits on the board of both insurance companies. The bank also once was co-owned by Yancey’s father.

Most of the PACs had little or no money in their accounts before the infusion of cash.

Once the payments were made from the insurance companies, the PACs each sent $12,000 – a total of $120,000 — to Oxendine’s campaign. The money was all sent in the same amounts and on the same dates from all the PACs.

Georgia’s Ethics-in-Government Act prohibits officials from taking money directly from companies they regulate. The law also prohibits funneling money through multiple PACs to get around contribution limits of $12,200 per candidate in a normal election cycle.

If the law prohibits funneling money through multiple PACs then State Mutual Insurance and Admiral Life Insurance have some questions to answer.

Even though he returned the money after the original story ran in May, John Oxendine has some questions to answer as well.

Yancey, whom Oxendine describes as a friend, is a major player in the insurance industry. Oxendine and Yancey often spend time together. Oxendine has gone on hunted trips as Yancey’s guest in Mexico and Georgia. Oxendine repeatedly has appointed Yancey chair of the Georgia Life & Health Guaranty Association, a state-created organization that pays claims when insurance companies become insolvent.

Does John Oxendine actually expect us to believe he had no knowledge that his good friend and hunting partner was making such sizable donations to his campaign?

Many people have told me that John Oxendine has been fooling voters since 1994, and it appears to me that he thinks he can still get away with it.

After the whole e-mail fiasco, the attacks on Lynn Westmoreland, and now this, I’m through with John Oxendine and his antics. He’s the last person I want to see in the Governor’s mansion.

It’s time for John Oxendine to retire from the Georgia political scene.

— Posted with Stuffr! —

Leveraging Your Lies Won’t Get You Elected

Having focused so much attention on the e-mail scandal the past couple days, I missed a much more serious issue involving John Oxendine.

Apparently, John Oxendine was so put off by the fact that Rep. Lynn Westmoreland (R-13) would not endorse him for governor, he created a non-scandal in an attempt to discredit Westmoreland.

Westmoreland has perhaps the best combination of social and fiscal conservative cred in the GA Congressional delegation. Westmoreland’s supporters extend beyond his 3rd Congressional District, and are comprised of those that we generally accuse Ox of pandering to. His supporters are those that Ox covets. When Cagle dropped out of the Governor’s race last April, Westmoreland was thought to be the immediate front runner if he chose to enter the race. During this time, calls from Oxendine increased in frequency, essentially begging Lynn to endorse the Ox. Lynn would have none of it.

So it was rather strange, this week, for Congressman Westmoreland to get a call from Georgia Public Television asking for his comment on his involvement in the failure of Southeastern US Insurance. Strange because the reporter listed his source as one John Oxendine, Insurance Commissioner. The man who pledged in an earlier call to do everything in his power to keep Lynn’s role from the press was now calling GPTV (the press?) to put pressure on Westmoreland.

In yet another case of being blatantly obvious, it sounds like Oxendine attempted to influence Westmoreland’s position on the race for governor by issuing subtle threats. It’s pretty clear he used the investigation of Southeastern US Insurance as leverage and in this case it didn’t work.

How many times as Oxendine done this over the years? He’s been Insurance Commissioner since 1994, or whatever, so I’m sure there are probably a lot of people out there who “support” him because they thought they had no other choice.

What a shame. It’s so much easier to stand tall, to be honest, and to be upfront. When you get to telling tales, you end up chasing tails as well, and if the person you’re chasing stops to quickly you never know where you’re going to end up but you know it won’t be pretty.

If this accusation is true (which is sounds more and more like it is), the people of Georgia need to kick Oxendine to the curb.

The last thing our state needs right now is an unethical governor who’s not ethical enough to control his e-mail list, let alone principled enough to sit in that chair.

Oxendine & Sheffield: The Truth Shall Set You Free

When I wrapped up my post last night I was convinced that the John Oxendine campaign had shared their e-mail list with the Maria Sheffield campaign. Like I said in my post last night after researching the connections between John Oxendine and Sheffield’s campaign manager, as well as Maria Sheffield herself, it was bluntly obvious that some back scratching was occurring.

This afternoon, I received an e-mail response from Kathryn Ballou, Maria Sheffield’s campaign manager. Her response was rather long-winded (who am I to talk about people being long-winded) but she answered my question, honestly.

This will be my final post on this issue. I believe, after receiving the response from Mrs. Ballou that the issue has been resolved, and my original inquiry has been addressed, albeit with some snarky responses and a whole lot of political mumbo-jumbo thrown in to boot.

First, here is the original inquiry that I sent to Kathryn Ballou.

Hi Kathryn,

My name is Michael Barrett, and I have a question regarding the mail list for Maria Sheffield’s campaign.

On February 5th, I received two emails from the Sheffield campaign. I never signed up for, nor did I consent to receive any email from the Sheffield campaign, and I would like to know how my addresses got on your list.

Did you get the list from another candidate by chance?

Please let me know as soon as possible, as I would like to get to the bottom of this.

Michael T. Barrett
Temple, GA

When I sent that e-mail I was already convinced that the Oxendine campaign had released the e-mail addresses to the Sheffield campaign. While Kathryn didn’t come out and say she received any list from the Oxendine campaign she left that possibility wide open in her response.

Michael, thanks for contacting the campaign – I appreciate anyone who takes the time to get back to the campaign regardless of the issue. I have to give a dig back to you (and I say this good naturedly) about this email, though – it went to my gmail account and not the one we have on record with the campaign. I could ask where you received my gmail account as I can identify everyone who has it – I assume someone has forwarded it on to you. Just the way it works sometimes :>)…

We are fortunate that Maria has worked with the industries regulated by the Department of Insurance for 15 years and the Republican Party for 20+ years. During this time, she has kept a database of all of her contacts and has a nice size base upon which we have built. Unfortunately, we do not have the base several of our opponents do.

We have made a huge effort to build upon this database in the past 6 months by asking associates, friends and supporters for their group lists, copying emails from messages that were sent out and the recipients were not blind copied (several campaigns have sent out emails without blind copying their lists), obtaining lists from groups that Maria is a member of or has spoken to, researching all sorts of media contacts as well as any and every blog which has any political bent, business sources, etc.

I am not going to go into detail of where we look as you may be supporting one of our opponents, but assume they are using the same resources. It is not difficult to find the resources, just time consuming.

There are 2 types of candidates. Those who do the research and reach out to as many voters as possible and those who rely on special interests and Capitol contacts. Maria makes no apologies for being a candidate who puts a high priority on listening to and communicating with voters. Often, this is done via email. With all due respect, the campaign reached out to you, and by so doing demonstrated respect for you as a Georgia voter. The campaign followed standard, social protocol by installing a user friendly opt out link.

In the only email we have sent to date, Maria received fewer than 100th of a percentage point of people choosing to opt out. If you would like to opt out as well, please let me know and we will delete you from our database. I see you are in Temple and I appreciate that you are a Georgia voter. If you have not already chosen a candidate in this race, I hope you will at least read our materials and consider Maria.


Before I write about some of the finer points of her response, here is the response I sent back to her this afternoon.

Good afternoon Kathryn,

Thank you for responding to my inquiry. What started as a simple inquiry into why two e-mail addresses which I have never used for any other political e-mail list other than John Oxendine’s campaign were added to Maria Sheffield’s e-mail list has turned into quite the adventure of deception and deflection. I appreciate your attention to this matter, and I also appreciate your explanation which answered my question without being deceptive nor deflecting from my original inquiry.

All I wanted was a response from either campaign which answered my question, how did my two e-mail addresses wind up in Sheffield’s database? Thank you again for answering my question. Although your response was very political in nature and a bit long-winded, you answered my question and removed any doubt that the Oxendine e-mail list was shared with the Sheffield campaign.

I received your gmail address from someone connected with the Republican Party of Georgia. I had mentioned my e-mail concerns to them and they offered me your address in confidence that you would be able to address the issue directly. I have worked on many political campaigns over the years and I know that contact addresses on the candidate’s website don’t always go to, nor are they always read by, the campaign manager. My contact wanted to make sure my concerns were addressed as quickly as possible and reached you directly, which is why they offered your gmail address. Also, (tongue in cheek) it’s a little bit different obtaining an e-mail address of the campaign manager for a political candidate as opposed to mining two private e-mail addresses from another candidate’s database.

Thank you again for your response,

Michael T. Barrett
Temple, GA

I know she mentioned the e-mail address issue “good naturedly”, and I addressed that in my response to her, so let’s move on with everything else she had to say. Let’s start with that third paragraph.

We have made a huge effort to build upon this database in the past 6 months by asking associates, friends and supporters for their group lists, copying emails from messages that were sent out and the recipients were not blind copied (several campaigns have sent out emails without blind copying their lists), obtaining lists from groups that Maria is a member of or has spoken to, researching all sorts of media contacts as well as any and every blog which has any political bent, business sources, etc.

As she explained the process by which Sheffield has been building her e-mail database, she removed all doubt that the Oxendine campaign shared their list. “Asking associates, friends, and supporters” for their lists made it pretty clear. My addresses are on no other list (together) than John Oxendine’s and her explanation just verified everything I thought had happened.

We all get spam. Spam is just part of the daily process if you have an e-mail account. Does anyone else find it a bit disturbing that a political candidate would be relying on mailing lists where recipient addresses were not blind copied to build their own database? As a web developer and the owner of a web hosting company I am quite familiar with OPT-IN and OPT-OUT e-mail marketing, but I will address that issue in a few moments.

The next paragraph made me laugh out loud. She actually took the time to tell me that she was not going to go ‘into detail’ of where they look for addresses because I may be supporting one of their opponents. Ha ha. Wow. I just had to laugh out loud again as I typed that.

She already told me where they look, by “asking associates, friends and supporters for their group lists, copying emails from messages that were sent out and the recipients were not blind copied (several campaigns have sent out emails without blind copying their lists), obtaining lists from groups that Maria is a member of or has spoken to, researching all sorts of media contacts as well as any and every blog which has any political bent, business sources, etc.”

Yes, I am still laughing.

Kathryn Ballou goes on to state that there are 2 types of candidates. “Those who do the research and reach out to as many voters as possible and those who rely on special interests and Capitol contacts.”

I honestly thought she was being “good naturedly” again. Was she serious? If doing research to reach out to voters includes borrowing and grabbing unsolicited e-mail addresses for your campaign then I don’t think you’re much better than those special interest and Capitol contacts. In fact, just for the record, none of those special interest and Capitol contacts have ever spammed me before either, so that speaks volumes about the character of the Sheffield campaign.

She continues with, “With all due respect, the campaign reached out to you, and by so doing demonstrated respect for you as a Georgia voter. The campaign followed standard, social protocol by installing a user friendly opt out link.”

Respect? Spamming two of my e-mail addresses with unsolicited campaign e-mails is their way of reaching out to me and demonstrating respect to me as a Georgia voter? Pardon me while I try to remain “good naturedly” here, but that’s a load of bullshit and she knows it.

The Sheffield campaign did not reach out to me. They spammed me. They demonstrated a complete lack of respect to me as a Georgia voter by sending me a pair of unsolicited e-mails to two addresses that do not receive political notifications, except from one other candidate.

Until February 5th of this year I had no idea who Maria Sheffield was, and if her campaign wanted to reach out to me they could have done so using any number of means to do so, one of which is to contact me directly through my blog. Mrs. Ballou stated previously that the campaign was “researching all sorts of media contacts as well as any and every blog which has any political bent”. I guess scraping my addresses from one of their many sources was easier than finding 101 Dead Armadillos somewhere down the road.

The final paragraph of her response claims that the e-mail she sent had “fewer than 100th of a percentage point of people choosing to opt out”. There’s probably a good reason, or reasons why this is true.

The first could be that many of the e-mails sent were automatically marked as spam and deleted by anti-spam software before the recipients ever viewed them. Spam Assassin, the anti-spam solution we use on our servers give customers the option of automatically deleting spam. Recipients would never know they received the spam therefore they never would have opted out from the list.

Another possibility is that people didn’t see a clear and conspicuous explanation of how the recipient could opt out of getting email from them in the future. The CAN-SPAM Act, which applies to businesses contains seven main requirements.

  1. Don’t use false or misleading header information. Your “From,” “To,” “Reply-To,” and routing information – including the originating domain name and email address – must be accurate and identify the person or business who initiated the message.
  2. Don’t use deceptive subject lines. The subject line must accurately reflect the content of the message.
  3. Identify the message as an ad. The law gives you a lot of leeway in how to do this, but you must disclose clearly and conspicuously that your message is an advertisement.
  4. Tell recipients where you’re located. Your message must include your valid physical postal address. This can be your current street address, a post office box you’ve registered with the U.S. Postal Service, or a private mailbox you’ve registered with a commercial mail receiving agency established under Postal Service regulations.
  5. Tell recipients how to opt out of receiving future email from you. Your message must include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future. Craft the notice in a way that’s easy for an ordinary person to recognize, read, and understand. Creative use of type size, color, and location can improve clarity. Give a return email address or another easy Internet-based way to allow people to communicate their choice to you. You may create a menu to allow a recipient to opt out of certain types of messages, but you must include the option to stop all commercial messages from you. Make sure your spam filter doesn’t block these opt-out requests.
  6. Honor opt-out requests promptly. Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request. Once people have told you they don’t want to receive more messages from you, you can’t sell or transfer their email addresses, even in the form of a mailing list. The only exception is that you may transfer the addresses to a company you’ve hired to help you comply with the CAN-SPAM Act.
  7. Monitor what others are doing on your behalf. The law makes clear that even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law. Both the company whose product is promoted in the message and the company that actually sends the message may be held legally responsible.

As you can see in this screen shot of the bottom of the e-mail that was sent, there are links to subscribe and unsubscribe, but they seem to get lost in all of the social networking, “paid for”, and other links polluting the bottom of the e-mail message. Basically, there is no clear notice that’s easy for an ordinary person to recognize, read, and understand that they can opt-out of receiving future emails.


The term “opt-out” doesn’t even appear in the e-mail message, and honestly, I doubt many of the people who “junked” the e-mail never even checked the bottom of the message before they clicked that “junk” button in their e-mail client.

So in summary, I was correct in suspecting that the John Oxendine campaign shared my e-mail addresses, which makes Tim Echols look pretty bad this evening since he assured me just yesterday that “We do not sell or give our list to anyone, so unless it was stolen or hacked, I don’t think it was from us”.

As an independent conservative in the state of Georgia, I choose to support the candidates who are the most fiscally conservative and hold themselves to the highest of standards and the strongest of ethics.

It may be a pipe dream to think that I might one day find a candidate who possesses all of those requirements but that hasn’t stopped me from looking for them. It also hasn’t stopped me from calling out those who claim to possess any of them when they clearly do not.

Slamming Into A Brick Wall

I’m still working hot and heavy on a project so here’s another short post tonight.

It seems that the Scott Brown win in Massachusetts special election to fill the people’s seat (formerly known as Ted Kennedy’s seat) has had a ripple effect in reality, or the Obama administrations perception of reality anyway.

Erroll Southers has officially withdrawn his nomination to run the Transportation Security Administration. Funny isn’t it? It was obvious from the beginning that Southers was not a viable candidate for the position because of his natural aversion to answering simple yes or no questions and his expertise in violating the privacy of everyday citizens. Yet, he stuck it out since September and was prepared to go the distance until it was painfully clear that the Democrats no longer had a filibuster proof majority.

President Barack Obama’s choice to lead the Transportation Security Administration withdrew his name Wednesday, a setback for an administration still trying to explain how a man could attempt to blow up a commercial airliner on Christmas Day.

Erroll Southers said he was pulling out because his nomination had become a lightning rod for those with a political agenda. Obama had tapped Southers, a top official with the Los Angeles Airport Police Department, to lead the TSA in September but his confirmation has been blocked by Republican Sen. Jim DeMint, who says he was worried that Southers would allow TSA employees to have collective bargaining rights.

I disagree that his nomination had become a lightning rod for those with a political agenda. His nomination had become a lightning rod for anyone who valued truth, justice, and privacy. He will never see it that way, but that’s okay. I’ve grown accustomed to the fact that many people associated with our current President couldn’t tell you the definition of truth and ethics if you gave them a dictionary.

You Can’t Buy Ethics

I apologize, once again, for the length of this post but sometimes you just need to get something off your chest. This will be my final word on this subject, but I won’t promise this is my final long post.

I had an interesting conversation via instant messenger with Josh Schnell this evening. It turns out, he felt I was the one being unethical for suspending his accounts when he has paid for service through April 3rd. It was the first I heard from him since our conversation during the evening of January 12th, when he led me to believe his account(s) had been hacked.

Before I get to this evening’s conversation, let’s review the events of January 12th and 13th, some of which I wrote about in my post “A Complete Lack Of Ethics“.

  • January 12 – 20:50 : I received a direct message from him asking what was up with the server, that DNS was not working, and that his account alpha-one was not receiving email.
  • January 12 – 21:17 : I received an email from PayPal notifying me that his hosting subscription had been cancelled.
  • January 12 – 21:28 : He told me that alpha one was not loading and mail was not being forwarded to Google mail.
  • January 12 – 21:30 : I check the WHOIS for his domain to find his name servers (DNS) has changed to and I let him know.
  • January 12 – 21:31 : He says, WTF. He acted shocked that the name servers had been changed.
  • January 12 – 21:36 : He leads me to believe that his account has possibly been hacked, and that he is “looking into it” with his registrar
  • January 12 – 21:47 : I let him know about the email notification of his account cancellation. He says, WTF, WTF, WTF, leading me to believe (again) that his account has indeed been hacked.
  • January 12 – 22:00 : I spend the next five hours checking server logs, comparing IP addresses, looking for signs of “the hackers”.
  • January 13 – 09:00 : I notify server techs on my end asking them to make sure everything on my server is secure.
  • January 13 – 11:00 : I happen to check WHOIS on his domain again to find it sitting at another hosting provider and different name servers than the night before.
  • January 13 – 14:45 : Server techs reply that there has been no apparent breach, all services are running fine, everything looks good on the server, but his passwords “could” have been compromised.
  • January 13 – 15:00 : Because I did not hear from him and he was not online, I decide to suspend all his accounts to cut off all external access to his accounts until I hear from him.
  • January 13 – 15:45 : I run a WHOIS query on each of his domains to see if the “hack” is widespread” and discover that almost all of his domains were transferred to the new hosting provider.
  • January 13 – 16:00 : I finish loading each of his domains in my web browser to find most of them are functioning properly, from the new hosting server. This raised the question, why would someone hack his DNS just to put up his own sites?
  • January 13 – 17:00 : After reviewing all of the WHOIS data which show the dates the registration information was last updated, I realize most of the accounts were moved over the course of the past month. At this point I realize I had been made a fool of.

I sent him two emails between 14:00 and 17:00 with no response. He was not online on the instant messenger, so I took action to protect his interests, as well as mine. Yet, tonight he claims I am the unethical one.

Six hours on Tuesday and eight hours on Wednesday were wasted looking for a “hacker” when in reality all I was dealing with was a liar. I’m the unethical one? Please. I was simply doing what I should have been doing to protect my server and my customers.

Before I begin discussing tonight’s conversation (which sheds even more light on the subject), let me be clear about a few items:

  1. I am not angry that he decided to switch hosting providers. I am angry that he played me for a fool by lying to me and wasting 14 hours of my time.
  2. I suspended his accounts because he led me to believe he had been hacked, and because he wasn’t online and didn’t respond to the emails I sent him, I did what I needed to do to protect the server.
  3. I have more respect for hackers than liars.

Now that we’re clear about the events on Tuesday and Wednesday, let’s discuss this evening’s conversation. When he messaged me I couldn’t believe he claimed I was the one being unethical after everything that had transpired. The reason I am posting this conversation is simple. He claimed this evening that he was not lying, but the facts don’t lie. During the conversation I realized some things just were not true. After the conversation I stepped away for a few to get a bite to eat and I realized some things just didn’t add up. So here it is, because I need to get this off my chest as well.

First of all, I find it interesting that I didn’t hear a single word from him for 66 hours. Our last conversation ended on January 12, at 9:53 pm, he finally contacted me this afternoon at 3:59 pm. If your account had been hacked, or you had led your hosting provider to believe your account may have been hacked, wouldn’t it be prudent to contact them as soon as possible to find out if it had indeed been hacked? Oh, that’s right, we all know it wasn’t hacked now, don’t we?

3:59:14 Josh Schnell: can you please explain to me why the account has been suspended when we’ve paid for the next three months?
4:35:55 Josh Schnell: you know. I fail to see how me paying through until march is unethical.
4:36:51 Josh Schnell: asking for support on something you paid for is completely within my rights.

6:15:09 Michael Barrett: asking for support for something that doesn’t exist, leading me to believe everything is kosher with us, is unethical. I spent 14 hours looking into your problem, even contacting others that I know who might help, and for what? You had already transferred the account. The reason email was not working and dns was not working is because it wasn’t assigned to my server anymore, yet you led me to believe (with all your WTF statements) that you had nothing to do with the changes… That sir, is unethical.

As you can see, there is a gap between his messages and my response, as I was away from my desk running errands this afternoon. I found it hilarious at the time that he thinks he has “rights” on my hosting server. He has an account. He pays for that account. He enjoys a few privileges and has access to certain software, but I wouldn’t call those “rights”. His account, like all of the others on my server, is subject to specific terms of service.

There are a few key points of our terms of service which apply to Mr. Schnell’s accounts (especially when I thought his account(s) may have been hacked).

From section 2:

  • Failure to respond to email from our abuse department within 48 hours may result in the suspension or termination of your services.
  • It is your responsibility to ensure that scripts/programs installed under your account are secure and permissions of directories are set properly, regardless of installation method

Although section 3 applies to spam, one paragraph applies because I was led to believe the account(s) may have been hacked:

  • We reserve the right to require changes or disable as necessary any web site, account, database, or other component that does not comply with this policy, at its sole discretion. We also reserve the right to make any such modifications in an emergency at our sole discretion.

From section 6:

  • We reserve the right to cancel the account at any time.

Simply paying for hosting service does not imply that your account will not be cancelled or suspended for any reason before the hosting period has expired.

I don’t think anyone would think it was unethical to cut off the “hackers” before they caused more trouble. I don’t think anyone would think it was unethical to suspend the accounts to protect other customers on the server. I received no response from Mr. Schnell for 66 hours. I don’t think anyone, except Mr. Schnell, would attempt to claim I was being unethical in this situation.

The conversation continued.

6:15:50 Josh Schnell: first, we’re planning on staying with you. We’re setting up a backup server, and a load balancing server. Second, I’ve paid until March 2010
6:16:18 Josh Schnell: What’s unethical is taking my 90 dollars, and cancelling my account without discussing any of this with me

6:16:54 Michael Barrett: Yes you have paid through March, and no one said your accounts would not be unsuspended. They were suspended when I realized there was an issue with the DNS, to make sure hackers could not get in. THAT is ethical.
6:16:59 Michael Barrett: I have cancelled nothing
6:17:03 Michael Barrett: I have terminated nothing
6:17:13 Michael Barrett: I was protecting you based on our CONVERSATION here on IM.
6:17:17 Michael Barrett: Nothing more

When we last spoke, I was under the impression he had been “hacked”, yet now we’re discussing a backup server AND a load balancing server.

When you set up a “backup server” you don’t necessarily redirect all of your traffic from your main server to that backup. You can initiate changes much easier than changing your name server at the registrar level to test the backup server. I’ve been in the business long enough to smell bullshit when it spews from someone’s mouth.

Maybe if I had heard from him before 66 hours passed, I wouldn’t have felt the need to suspend (not cancel) his accounts, and I might have been able to discuss it with him. I took the appropriate action with the information (or lack thereof) I had at the time.

The “backup server” story was bad enough, but it didn’t end there.

6:17:37 Josh Schnell: The DNS was faulty, and mail was not being directed.
6:17:45 Josh Schnell: For three websites
6:17:49 Josh Schnell: not just the alpha one server

6:17:51 Michael Barrett: The DNS was working perfectly based on the response I got from Media Temple

6:17:56 Josh Schnell: the eastscene account wasn’t getting mail
6:18:02 Josh Schnell: as well as another
6:18:24 Josh Schnell: there was most certainly a dns server issue

6:18:37 Michael Barrett: Not on my server there wasn’t

6:18:44 Josh Schnell: well, i’m glad to hear that

He claimed his alpha one account was not the only one with an issue. He claimed that he had issues with his eastscene account as well as an unidentified “other” account.

It’s funny how domain registration works. Each time you modify your domain record at the domain registrar, they keep track of those changes. From the moment you create the domain name until long after it’s cancelled, they have a record of each change made to the domain registration. Every change to the domain record is time stamped, and every domain registrar updates their “Last updated” record with that time stamp.


Remember, our initial conversation took place on January 12th, three days after the name server change was complete. The only DNS server issue that could have existed would have originated on his new server, not mine. The domain record clearly indicates that the domain name servers were not pointing to my server three days before this incident occurred.

He went on to state,

6:19:12 Josh Schnell: I wasn’t getting email… so I contacted my hosting company
6:19:42 Josh Schnell: I’m not sure what the heck warranted the post on your blog, or my account being suspended.

6:19:58 Michael Barrett: of course, you could have discussed that with me, rather than pretending that the dns wasn’t working because you had already initiated the change on the DNS. See, I know the dates and times the changes took place too. Our conversation was quite a while after you changed things… yet you pretended to not know why it was changed.
6:20:05 Michael Barrett: you pretended you might have been hacked.

6:20:21 Josh Schnell: you’ll never believe me, and I’m fine with that. But, I swear to god I thought there was a DNS issue

Apparently, he contacted the wrong hosting company, because as you can see in the image above, my server was no longer controlling his DNS. Before I continue any further, let me state that I have screen captures of the WHOIS records for each of his domains. I learned the following from those WHOIS queries:

  • was updated on January 12th, the day all of this took place, which means the change was submitted before our conversation that evening.
  • Seven other domains were changed before the 1st of the year.
  • One domain was changed on January 3rd.
  • Five domains are still pointing to my server.

Two-thirds of his domains were set to point to his new server days, even months, before he contacted me about this issue. He’s right, I’ll never believe him so he better be fine with that.

6:21:55 Josh Schnell: Which sites are on the server or not, isn’t the issue here. The issue is that I paid until March, and here I am with my money gone, and an inability to access client accounts.

Which sites are on my server was the issue. It still is the issue. I was told there was a DNS and email issue with, on my server, when the domain registration was clearly pointing it to another server. I was led to believe his account may have been hacked when he knew full well that he had initiated a change to the domain record that very day. He lied to me and wasted my time which could have been spent helping customers who actually needed something done. Which sites are on the server or not was, and still is, definitely the issue.

6:22:04 Michael Barrett: I could really care less if you were planning to move. I said so in the post, and i have said so with everyone I have discussed it with

6:22:16 Josh Schnell: Except me

6:22:23 Michael Barrett: You leaving is not my concern. What concerns me was the way you lied to me when we chatted the other night
6:22:24 Michael Barrett: Period
6:22:26 Michael Barrett: dude
6:22:35 Michael Barrett: You are acting like a victim. Look at your dns changes.
6:22:41 Michael Barrett: Macgasm was changed in OCTOBER

6:22:43 Josh Schnell: you can play the hurt card, but i’ll say it again…

6:22:48 Michael Barrett: I am not hurt
6:22:50 Michael Barrett: I told you that

6:23:03 Josh Schnell: then please restore my account, and files, in accordance with my payment.

6:23:07 Michael Barrett: Your account will be unsuspended sometime tonight.
6:23:11 Michael Barrett: Excuse me
6:23:18 Michael Barrett: Your payment does not guarantee anything
6:23:35 Michael Barrett: if I suspect something nefarious is taking place I can suspend or terminate accounts
6:23:38 Michael Barrett: read the terms of service
6:23:40 Michael Barrett: BUT

6:23:43 Josh Schnell: Dude, really? I’m hosting with you for over a two years now.

6:23:45 Michael Barrett: I will unsuspend them tonight

6:23:50 Josh Schnell: Thank you

Yeah, that’s waiting for a bit. I know, I know that I promised him his account would be unsuspended tonight but that’s going to have to wait until I remove all of the “special” features he was not paying for, you know, in accordance with his payment. Once I have those changes complete, I will be unsuspending his account(s) even though they don’t point to my server any longer. I’m just not sure what I should do about all that space that is being used and never part of the plan. I wonder what I can do about that in accordance to his payment?

Sadly though, it didn’t end there.

6:25:18 Michael Barrett: The DNS for Macgasm changed in OCTOBER. The change on alpha-one was submitted BEFORE you had the conversation with me. so how do YOU justify all the “WTF’s” when I mentioned the DNS had changed

6:25:33 Josh Schnell: i forgot about editdns…
6:25:40 Josh Schnell: here’s i’ll log in and get you a screencap
6:25:44 Josh Schnell: or at least try to

6:25:48 Michael Barrett: But YOU knew you had submitted the change

6:26:03 Josh Schnell: editdns had been the alpha—one dns since the beginning

6:26:05 Michael Barrett: and YOU led me to believe something nefarious was going on, hence the reason your accounts were suspended

6:26:07 Josh Schnell: beginning
6:26:16 Josh Schnell: i haven’t changed it
6:26:20 Josh Schnell: because they’re charging now
6:26:49 Josh Schnell: restoring my account. I’ll get you a screen cap
6:27:35 Josh Schnell: i don’t even know what email it’s going to

At this point in the conversation he directed me to an image he had uploaded (I am not posting that url here because you know that might not be ethical). Anyway, the dateless image showed a lot of dns entries at editdns some of which pointed to my server but it also had the following disclaimer at the top of the page:


“Your domain is currently suspended and will not resolve. Please contact EditDNS Support for more information”.

Wow. Maybe that’s why DNS and mail were not working for the domain or any of them hosted using his name servers? The WHOIS record I pulled today clearly shows that his dns record for alpha one had indeed changed on January 12th.


At this point, I should have ended the conversation. There was no need to keep rehashing the same information. It was clear he was not going to apologize for leading me to believe his account(s) had been hacked, and I wasn’t going to believe another word he said. Then he said,

6:32:53 Josh Schnell: see. i didn’t change the dns.
6:33:00 Josh Schnell: it’s been like this since the beginning

Without dragging this out much further, he went on to say that the reason he moved “a couple” sites over to his “backup” server was because he “panicked”.

6:33:29 Michael Barrett: You panicked, and moved ALL your sites to another server?

6:33:41 Josh Schnell: we have a backup server
6:33:47 Josh Schnell: for a client
6:33:56 Josh Schnell: so i moved a couple sites over there

Funny thing that panic. It took place days and months before January 12th.

6:34:45 Josh Schnell: i changed them after our conversation
6:34:56 Josh Schnell: they were backed up there

The only site moved on January 12th, you know at the time of the “hack”, was Was that some sort of “pre-panic”?

He claimed that if he was attempting to screw me over he would have never paid for three months, and he would have made sure everything was moved before then without saying a word. By the looks of things to me and all these screen captures, just about everything was moved before he uttered one word on the 12th.

At the end of the conversation we were discussing name server changes and backup servers. I pointed out that it didn’t make much sense to have a backup server where you had to update your name server record to allow access to the backup because propagation of the name server change can take up to 72 hours.

6:39:50 Josh Schnell: when some clients rely solely on the Internet for income, relying on one server is a bad practice

6:41:06 Michael Barrett: I know it is. But name server changes can take 72 hours to propagate through the Internet. so using a backup server at a different location rather than at one where the IP for the name server can be changed quickly eliminates that as a suitable “replacement” during down time for one server.

6:41:26 Josh Schnell: “upto” is the key word there

We both agreed it usually doesn’t take that long, in fact it’s much quicker. And then he added,

6:41:33 Josh Schnell: servers update a lot quicker

6:41:37 Michael Barrett: not always

6:41:44 Josh Schnell: alpha-one switched in 20mins for me

Wow. The same account he said he didn’t change was switched in 20 minutes when he changed it.

Like I said in my original post, and reiterated at the beginning of this post, I am not angry that he chose to change hosting servers. If was angry about that, I would have just terminated the hosting accounts. All of them. If I was angry that he changed hosting servers I never would have made my original post or this one.

I am angry because I was lied to. I am angry because I wasted 14 hours trying to solve a problem that did not exist. I am angry because I spent two years hosting his sites, kicking in extras along the way, only to be lied to, not once, not twice, but several times over the course of both conversations.

So why should I believe anything he stated in either conversation?

Throughout tonight’s conversation I was told that all this occurred because he was setting up a ‘backup server’ yet it turned out to be a “backup server for a client”.

I was told to restore his account and files in accordance with his payment, even though I had suspended his account(s) in accordance with the terms of service because I was initially under the impression his account(s) had been hacked.

I was told he never made changes to his dns for the alpha one account and that he ‘panicked’ and moved a couple sites on the 12th even though all but one site were moved long before the 12th.

At no time today did he apologize for leading me to believe his account(s) had been hacked. At no time today did he offer any explanation as to why all of the accounts were moved before the 12th. At no time did he apologize for lying to me. That is the most disappointing part of the whole thing.

When confronted about the entire ordeal he disregarded every statement I made about the “hack”, yet he was most adamant about being “paid up until March”.

Forget the fact that I busted my ass to make sure his data was secure. Forget the fact I spent 14 hours searching for clues. Forget the fact that I have spent the previous two years making sure he had the best customer service you’ll find in the web hosting industry.

Well, I’m done.

It’s obvious that he is not going to man up and apologize, but that doesn’t matter anymore. He proved his worth today, and that’s not saying much at all.

I have made significant changes to his account(s) removing every “extra” I have added over the past two years and restoring all of his space and bandwidth limitations per our original agreement. He paid for three months of hosting, and now that I know his account(s) were not hacked, he will get the remainder of his three months (as long as he does not violate our terms of service). He will be billed accordingly for any extras and overages that may occur on his account, just like every other customer hosted on my server.

Since money is so important to him, I will honor his subscription term, at which time his accounts will be terminated. Too bad you can’t buy ethics, I’d gladly refund his money if he promised to buy some.