Acceptable Use Policy

Last updated: May 4, 2026

Contents

1. Purpose and Scope
2. Prohibited Conduct
3. Email Use
4. BGP Announcements and Routes
5. Abuse Notifications
6. Cooperation with Authorities
7. Consequences of Non-Compliance
8. Contact

1. Purpose and Scope

This Acceptable Use Policy (hereinafter, "AUP") governs the authorised use of the IPv4 Subnets assigned by XNET CORE SL to the Client. Compliance with this AUP is an essential condition of the service contract. This AUP applies to all assigned IP addresses, regardless of the ASN from which they are announced.

2. Prohibited Conduct

The Client undertakes not to use the Subnets for:

Sending unsolicited commercial communications (spam) by any means: SMTP, SMS, instant messaging, forum comments, etc.
Phishing, identity theft, distribution of malware, trojans, ransomware or any malicious software.
Denial-of-service attacks (DoS, DDoS, amplification, reflection) against third parties, regardless of their origin or destination.
Unauthorised mass scanning, attempts to exploit vulnerabilities in third-party systems, or offensive reconnaissance.
Distribution of copyrighted content without a licence, illegal pornographic content, content that promotes violence, terrorism or hatred.
Operation of botnets, unauthorised cryptocurrency miners on third-party equipment, fraudulent or abusive proxy networks.
IP address spoofing, sending falsified traffic, or using the IPs as an attack amplifier.
Hosting malware control panels, Tor exit nodes without prior notification, cryptocurrency mixers, dark markets, or fraud platforms.
Any conduct that may result in the Subnets being listed on relevant public blocklists (Spamhaus SBL/CSS/XBL/PBL, Barracuda, SURBL, UCEPROTECT L1).
Any unlawful activity or activity contrary to applicable Spanish, European or international law.

3. Email Use

If the Client wishes to use the Subnets for sending transactional or commercial email, they shall:

Maintain recipient lists with express consent (opt-in).
Properly configure SPF, DKIM and DMARC records on the sending domain.
Notify XNET CORE of the use case during service activation.
Maintain a contact mailbox and a public unsubscribe mechanism in each commercial send.
Not exceed sending rates that generate alerts on blocklists or feedback loops of major providers (Google, Microsoft, Yahoo, Apple).

XNET CORE reserves the right to require progressive warm-up of new IPs and to limit volumes until sending quality is verified.

4. BGP Announcements and Routes

The Client shall announce the Subnets only from the ASN previously declared to XNET CORE.
The Client shall publish a ROA in RPKI for each Subnet using the authorised ASN.
Announcement of more specific prefixes (de-aggregation) beyond the minimum granularity published in the ROA is not permitted.
The Client shall cooperate in the debugging of routing incidents (BGP hijack, route leaks) within reasonable timeframes.

5. Abuse Notifications

The official abuse contact is abuse@ip4.market. XNET CORE forwards received notifications to the Client and expects them to be addressed within the following maximum timeframes:

Active phishing and malware: 4 hours.
DDoS, scanning, ongoing abusive behaviour: 12 hours.
Spam, blocklist hits: 24 hours.
Other notifications: 72 hours.

The Client shall retain sufficient logs to investigate incidents for a minimum of 30 days.

6. Cooperation with Authorities

XNET CORE shall cooperate with competent authorities (State Security Forces and Corps, judges, prosecutors, CERT teams) in the prevention and investigation of unlawful activities, as legally required. When it receives a judicial or equivalent request, it may provide the Client's data and suspend the service without prior notice if so required by the authority.

7. Consequences of Non-Compliance

In the event of a confirmed breach of this AUP, XNET CORE may adopt, in order of severity and always proportionally, the following measures:

Notification to the Client with a remediation period.
Outbound traffic filtering or rate limiting.
Temporary suspension of the involved Subnets.
Withdrawal of the LOA and revocation of the ROA.
Termination of the contract with immediate effect and claim for damages.

In cases of serious unlawful activity or judicial request, measures may be adopted without prior notice.

8. Contact

Any questions about this AUP or reports of misuse may be directed to abuse@ip4.market (incidents) or info@ip4.market (general enquiries).