The companies that sell domain names have pushed back on proposals made by law enforcement yesterday to change their contracts to make cybercrime more difficult. Calling the proposals “policy by the back door”, the registrars complained to members of ICANN’s Board in Brussels that the Registrar Accreditation Agreement (RAA) …
Speaking about nasty, horrible changes, but not telling what are they. Excellent. MOaaaaaar.
You see that red text?
That's a link. If you click on it it takes you to the story El Reg published just this morning detailing the proposed changes.
What's this, the drug dealers meeting with the cops to discuss how to combat the war on drugs?
ICANN, ARIN, etc.. these "non-profits" are the criminals.
ICANN has been dictating how the internet should be ran "with help from the corporations and people that fund it" for years.
The domain market is a complete craphole as companies like DirectI and it's affiliates make a mockery of the whois system.
Once upon a time a domain depending on it's popularity might have someones home address in the whois, or a corporate address if it's larger. Im all for not listing someones home address but in those instances there should of been methods to get mail to the individual with help from the domain companies.
I say this with experience when using godaddy years ago. The whois info you had on your domain was kept seperate from the information they had on you. While they published whois details based on the information provided, they always had 'billing" info that was kept off the whois or on it if you provided it for the whois. Things might be different now, but the people collecting the money know how to contact you.
It's very easy to register adiasdisadias.com, be up and running in a few hours on a taxpayer funded hijacked overseas network thanks to organizations like the Internet Society that get funded by yes your taxes (in part). It's such a good idea to wire up the third world, I love trying to track abuse when networks aren't identified or when I find myself emailing abuse contacts only to have those abuse contacts be the people behind the spam and trouble to begin with. With each abuse e-mail we send like that, I think we're just inviting more spam because they see the email address works.
When you have a shield of anonymity it opens the doors to pretty much do whatever you want and when your doing it on hijacked networks paid for by yourself it's all a losing battle.
you've had a bad experience buying useless domain names ..
being someone that's runs 100s of domains and uses Godaddy .. you sound like a bitter idiot ..
"I love trying to track abuse when networks aren't identified or when I find myself emailing abuse contacts only to have those abuse contacts be the people behind the spam and trouble to begin with. With each abuse e-mail we send like that, I think we're just inviting more spam because they see the email address works."
no shit .. proof you are an idiot ..
SPAM can be controlled at the ISP level .. AT&T does a very good job of it actually ..
Any change that annoys the spammers is a GOOD change
As long as the rules of the game are the same for all of the registrars, I don't think they have ANY leg to stand on. ANY change that bothers the spammers is a GOOD change. Period.
Actually, I think the registrars should be one of the prime targets of the strong anti-spammer tool I'm waiting for. Google, are you listening? I want an industrial strength version of SpamCop, which currently makes a pretty good effort to find the ISP and a rather feeble effort to identify the webhost. The REAL anti-spam tool should go after ALL of the spammers' accomplices, and the domain registrars are HIGH on that list of targets. The domain registrars need to be vigorously sorted into the legitimate victims (playing on an even playing field) and the illegitimate spammer facades--and the facades need to be boarded up, fast and hard, with some barbed wire thrown in for luck.
Try to imagine how much value would be added to the Internet by the removal of most of the spammers? I actively want to be able to fight the spammers more effectively. I hope you would, too, but I don't mind if you just want to benefit from the efforts of people like me who really HATE the spammers. Don't you want to join a vigilante army of good Samaritans against spammers? Don't you want to become a spam-fighter first class?
One problem with that
Spammers sometimes lie about the 'from' part of an email.
I have one domain in particular that seems to be on every spammers list (foolishly I used auto-submission software in 1998, but I was young and carefree and it was my first domain). This domain is regularly spoofed as a from address for spamming campaigns. And -as far as I know- there is absolutely *nothing* that either I or ICANN can do about it.
In addition to the 2000+/day spams I get on that domain; periodically I'll get monstered with 'undeliverable' error messages and I heave a deep sigh and wait for the abusive emails to come rolling in...mind you, it is still a source of wry amusement that after all this time the first instinct of people is to send an abusive email to people who they think are spamming them. Like that would help get them of the list even if they did find the right person.
I haven't yet seen a 'magical' blanket solution that wouldn't also get me nailed as an 'accomplice'. Believe me, if there was legislation passed to stake spammers out on anthills; I'd be the first in the queue and I could supply my own tent pegs, paste-brush and honey. But also, I don't want to be shut down because of some well-meaning but essentially stupid legislation- I suffer enough at the hands of the bastards already.
Do you have SPF in place
SPF does it least help in that it indicates the spam didn't come from your domain in the first place.
Doesn't help with average home users receiving the spam but if ISPs used SPF to filter out emails enroute.......
I shall investigate that...
It does need to be fixed
It's clear that there is a problem with the system the way it stands, but I really don't want "law enforcement" to be fixing it. That's almost guaranteed to make things worse.
As it stands private people are putting up their home addresses and home telephone numbers for all to see. That is wrong. Actually, to have either of those as a requirement is discriminatory to my way of thinking. Certainly to force people to buy a telephone subscription which they might not otherwise need (at ~$40 per month), is wrong.
At least in this country, one can get a passport or drivers licence without being forced to make your personal information public or get a phone . Why should a domain name rank higher than those?
In the UK
you can keep personal details hidden provided you are a private individual using the domain for non-business purposes.
If you are trading, you need to have a proper address available.
(I nearly shopped a small online medical services company to Nominet because the domain registry info didn't have the trading address.)
A lot of the net's problems
come down to monetising domain registry... Look what its brought us, cybersquatting for instance first positioned the net as a suitable place for get rich quick fraudsters and scammers to make easy money, spam domains, search engin posoning, all the rest of it.. But what they're not doing is actually creating any value.... If such people are complaining abput legislation then there's a chance the legislation may not be that far off the mark...
Licence to print money
If you are a domain registrar you have been given a licence to print money, and an ever increasing amount of it as ICAN allows more and more unnecessary top level domains. Anything which makes them examine more carefully who their clients are, can only be a good thing.