KnujOn Updates Top 10 Spam-Friendly Registrars List 80
alphadogg writes "Some companies are more popular than others for spammers wanting to register their domain names. Spam-fighting organization KnujOn has updated its report on the top 10 registrars whose customers are linked to spam and other illicit activity. (We discussed the original report last year.) These 10 companies registered 83% of the domains spammed in KnujOn's sample of spam between June and January. KnujOn found that some companies have cleaned up their act in recent months and that others — most surprisingly, Network Solutions and GoDaddy sister company Wild West domains — have popped up on the list. At the top of KnujOn's list, for the second time in a row, is Xinnet.com, a Chinese registrar linked to more than 3 million spam messages. KnujOn recommends that ICANN threaten to pull Xinnet's accreditation, as it did for some of the offenders on the previous list."
Re: (Score:1)
Domainsite is on the list because they have just about the cheapest prices on the planet.
Hope they don't come out on the bad end of something, the support is top-notch. I actually got a phone call from the owner on one occasion because an order was interrupted halfway through, and when I called the one time that their management backend was down I actually got to talk to a real live person.
Try that with GoDaddy.
Disclaimer: I am not an employee of domainsite but I have a lot of domains hosted there.
Bug (Score:3, Informative)
Subscribers get to see articles before they are posted on the main site (but they can't comment on them till they go live). To make it obvious that these were stories that havn't gone live yet, they are displayed with a red title. At some point in the transition to the new firehose-integrated index page, this code was broken and now sometimes live stories will be displayed with the red title. It's been like this for months, however, it appears that the slashdot team would rather spend time ruining the profi
Threaten?? (Score:1)
Just pull the plug on them, on the whole internet for that matter. That'll teach those spammers a lesson!
Blacklisting registrars (Score:1, Interesting)
Is there any easy, automated mechanism to find out who the registrar of a domain is? This information could be very useful to spam filters and RBLs based on registrar could then exist.
WHOIS doesn't count, as it's not designed for mass querying.
If there isn't such a mechanism, I think that it could be a very useful thing that ICANN could do.
Re: (Score:2)
Now, if accreditation were pulled, then obviously I'd want to change registars, and it wouldn't be a problem.
Re:Blacklisting registrars (Score:5, Interesting)
I don't need my personal email suddenly being marked as spam on accident because my domains are through one of those registars.
I don't think it would work like that... this isn't a list of where the spam comes from... that is presumably bot nets. This is a list of what domains are being advertised in the spam. So, you'd look up the registrar of each domain mentioned in an email. If the registrar is a big spammer, you'd give them a few extra points toward their spam score. Wild West wouldn't get too much of a penalty, since only 0.36% of their domains are spamvertised. On the other hand, anything mentioning a "Planet Online" domain is much more likely to be a spam message... a whopping 39% of their domains have been spammed.
The only way this would harm you is if you send out bulk email to your customers, they are somewhat spam-like, and they don't have you whitelisted.
Re: (Score:2)
a whopping 39% of their domains have been spammed
I would think that a whopping 100% of domains have been spammed. Did you mean that 39% have sent spam?
Re: (Score:2)
No, as I said, the mail does not come from the domains... it comes from bot-nets. However, 39% of their domains have been mentioned in spam. I probably should have used the word "spamvertised".
In any case, filtering your mail by giving a high score to any mail with one of their domains in the body would probably be a good move :)
Re: (Score:2)
Re: (Score:1)
The point is that the sender does not know that the false positives were deleted and NOT RECEIVED. IF it had been blocked at the server instead of filtered, the (legitimate) sender would get a message to that effect from his own
Re: (Score:2)
Re: (Score:2)
I hate any kind of spam filter that just blocks email. Email should always be received in the worst case it should go to a junk folder.
Spoken like someone who has never administered a mail server for more than 3 users.
Spam/Email Marketing is not bad compared to most things. Deal with it!!!
Spoken like a spammer.
Excellent (Score:2)
The registrar I use has dropped off the list. I no longer have any qualms about signing up for a reseller account with them. :-)
It's Not the Registrars, it's the System (Score:4, Insightful)
Maybe some registrars are more spam-friendly than others, but as long as domains are so absurdly cheap, there's not a lot registrars can do to prevent abuse. If they freeze one domain, the spammer or phisher or whatever just spends a few bucks to get another one.
Ever get spam from Continental Who's Who? They use a different domain name with every daily email!
Not that I think it will ever happen, but I'd dearly love to go back to when domain registration was a monopoly, and a second level domain cost you $50 a year. That's not a lot compared to the cost of maintaining a high-visibility web site — and low-visibility sites don't need second level domains. This situation ended when people started whining about getting "ripped off" by registrars. Opening up competition brought registration fees down, but it also destroyed service levels and enabled another kind of ripoff: squatters who can afford to register thousands of domains on the off chance that somebody might be willing to pay a few thousand bucks to use them.
Re:It's Not the Registrars, it's the System (Score:4, Interesting)
Maybe some registrars are more spam-friendly than others, but as long as domains are so absurdly cheap, there's not a lot registrars can do to prevent abuse.
They can have an automated call-back system like my bank does... that way even if the credit card they are using is stolen, they'd still have to provide a phone number each time they register a domain.
It would be trivial to track purchasing behavior based on phone numbers, and this would force spammers to somehow get access to a new phone number each time... raising their cost somewhat.
Re: (Score:3, Informative)
It would be trivial to track purchasing behavior based on phone numbers, and this would force spammers to somehow get access to a new phone number each time... raising their cost somewhat.
http://www.tossabledigits.com/ [tossabledigits.com]
Re: (Score:2)
That's pretty good, and sort of what I was talking about upping their cost a bit.
But I can think of some countermeasures. It's an arms race... there's no solution that will one day solve spam, you just have to keep making it more expensive for them.
Re:It's Not the Registrars, it's the System (Score:5, Informative)
Re: (Score:2)
So what? It's not that hard to fake registration data. The registration data for my own web site is bogus, because I registered it before registrars started offering anonymous registration.
Re: (Score:2)
Re: (Score:2)
Right, and when was the last time you heard of that happening to anybody?
A long time ago, when I was still silly enough to think I could help stamp out spam one spammer at a time, I looked up the whois entry for somebody who was spamming me. The phone number was useless (don't recall whether it was bogus or just didn't pick up) so I found out who lived at the address given and called them. It was an old woman who didn't even own a computer.
I presented this evidence to the registrar — and got nowhere.
Re: (Score:2)
Congratulations! Your email to my registrar forced me to correct my registration info. Now that you've forced me to Do Things Right, you only have 1,532,438,221 bogus registrations to go before you've totally cleaned up the registration system!
Then again, all I did was click a button that set all my contact info to the "anonymous" values they provide. (They didn't provide this service when I first registered.) So I've just replaced one set of useless data with another.
But while I was doing this I noticed th
Re: (Score:2)
And the reason the registrar made you change your WHOIS info is, if they allow customers to repeatedly use fake WHOIS info, they could lose their accreditation. Any legit domains could be moved to a compliant registrar, while the spam domains get revoked.
Oh, and people
Re: (Score:2)
You don't need to raise the price, just raise the minimum initial price. If it's currently $10/year, leave it at that price, but set an initial minimum 5-year registration. For real domains, that's fine. For spammers and squatters, that's a significant bump in their costs.
Re: (Score:2)
Actually, it's a lot less than $10 if you register a lot of domains at once. And no, forcing squatters to buy multiple years at once won't raise their average costs much, because squatters often hold on to their domains for years before finding a buyer. I suppose spammers might be hurt, but given the scale of the spam business, not by much.
Anyway, what is the big deal about $50 a year? If your web site has any volume at all, it's costing you thousands to to keep the lights on. The day when you could host a
Re: (Score:2)
Anyway, what is the big deal about $50 a year? If your web site has any volume at all, it's costing you thousands to to keep the lights on.
Really? I bought in to DreamHosts's new-year's special: $64.44US for two years, including domain name. I would think that if domains were $50/yr instead of $10/yr, I'd likely not have received such a low price. Even at their best rate (bought ahead of time) of $6/month, a jump in registration price of $40/yr (approx $3/month) would likely be noticeable.
Re: (Score:2)
Yes, and DreamHost is so reliable.
That was sarcasm. I used to use them, and bailed after not being able to get my email with any reliability for days at a time. And while they offer uncapped bandwidth, I'm dubious of their ability to actually provide it. Couldn't say for sure, because I never served that many bits.
That "best price" you mention requires a ten year up front payment. Having walked away from $60 or so in advance payments I'd already made to them, I'd think twice about giving them $700.
I'll say
To summarize the summary, people are the problem. (Score:2)
and low-visibility sites don't need second level domains
Long-lasting websites need domains at whatever level puts them outside the control of a single ISP or ASP. If that's the second level, then that means they need SLDs. If there's a third level that you can just register a domain under without being tied to a given ISP (eg, state.us), then they need that kind of third level domain.
The thing is, if you made SLDs unaffordable, then there would be a demand for reliable third-level registrars, and many many
Re: (Score:2)
The thing is, if you made SLDs unaffordable, then there would be a demand for reliable third-level registrars, and many many people would switch to using reliable 3LD registrars, and the same problem would exist at the third level instead of the second.
Yes, but then you'd have an easy way to identify domains from a spam-friendly registrar: just look at the 3LDN. You can't do that with 2LDNs registered by Wild West (not without a whois lookup, which adds too much overhead) and even if you could, you'd end up filtering a lot of innocent sites.
Anyway, I question your definition of $50/year as "unaffordable." Even annual hosting costs on a minimal web site are more than that. Most people who maintain real web sites could easily afford it. A few would switch
Re: (Score:2)
Yes, but then you'd have an easy way to identify domains from a spam-friendly registrar: just look at the 3LDN.
You mean like .co.uk?
and even if you could, you'd end up filtering a lot of innocent sites
Um, why would you not expect that to be a problem for 3LD registrars?
Anyway, I question your definition of $50/year as "unaffordable."
Oh, sorry, I thought that was just an example. If you want to keep spammers from buying and throwing away domains you need to make it too expensive for them, and I doubt $50 wou
Re: (Score:2)
Um, why would you not expect that to be a problem for 3LD registrars?
Because if everybody's getting spam from *.welovespam.com, nobody's going to want to register in that namespace.
If you want to keep spammers from buying and throwing away domains you need to make it too expensive for them, and I doubt $50 would be enough to do the job... and once you get the price high enough to deter spammers, it's going to deter non-spammers as well.
To be honest, I suppose I'm really bitching about the fact that people decided that registration costs were too high, and bitched about it until the marketplace was made competitive. This meant you could renew your domain for a small annual fee, but also that you can't get a really useful domain name without paying a lot of money to a squatter. Ironic, no?
But back to spammers. Spam is profitable b
Re: (Score:2)
Because if everybody's getting spam from *.welovespam.com, nobody's going to want to register in that namespace.
With Tucows and other people offering reseller-in-a-box packages, you really would just be pushing the problem one level down. It wouldn't be "*.welovespam.com", it would be a "*.cool.com" that had 30,000 legitimate domains by the time one of their resellers turned pink.
But for me, the $50 figure always comes to mind, because I remember everybody whining about it when Network Solutions had a monop
Re: (Score:2)
Oh well, OK then. I still want to go back to expensive domain names (I'll see to it after I've finished selling skis to Satan) but I'll concede that it probably wouldn't impact spam much. Then again, nothing will, short of a meaningful ID infrastructure so that somebody who wants to send you email has to actually identify themselves. So all this ranting against "spam-friendly" service providers is really silly.
$50 was the price charged by NS when .com and the other major domains were first invented. I forge
Re: (Score:2)
Extending the TCPA to cover spam, so you could sue spammers in small claims court for $250/incident, like you can sue telemarketers, would probably do the trick. But it'll never happen.
Re: (Score:2)
How do you bring somebody to small claims court who lives in Russia or Nigeria? How do you even trace the origin of spam from a botnet?
Re: (Score:2)
The biggest source of spam is the united states. If you could effectively eliminate US spam it would have a huge and permanent impact on the spamosphere.
You don't need to trace the origin cold, or even at all. For a spammer to make money he has to tell the customer how to find him. You follow the money.
We don't like you so pull their accreditation (Score:2, Insightful)
While I'm not saying that spam is good by any means, the argument of "we don't like you so ICANN should pull your accreditation" is a fairly stupid one.
Now, if they're involved in something illegal - not annoying/immoral - then I'd like to see that argument made; however, the argument KnujOn currently makes is "we don't agree with how you're running your business, so we think you should be put out of business."
That, I believe, is pretty fucking stupid.
Comment removed (Score:5, Informative)
Re:We don't like you so pull their accreditation (Score:4, Insightful)
IIRC, the contractual basis that they are going after is whois records. The spam-friendly registrars obviously have fraudulent whois records, which is a breach of their contract with ICANN.
Spammers will not have legit whois records because this would probably result in their arrest :)
Comment removed (Score:4, Insightful)
Re: (Score:2)
> Now, if they're involved in something illegal - not annoying/immoral -
> then I'd like to see that argument made; however, the argument KnujOn
> currently makes is "we don't agree with how you're running your
> business, so we think you should be put out of business."
In a lot of places, spam and other forms of service/resource theft ARE illegal.
Just thought I'd point that out.
It's like retail shoplifting.... you and I both pay higher prices so retail stores can cover their shoplifting losses. Spa
actually... (Score:2)
if they're involved in something illegal
A lot of spam currently involves the illegal sale of (often bogus or counterfeit) drugs and (usually pirated) software. the registrars know this, too. But they continue to do business with these criminals anyways - why? Because they make money off of it, of course.
Surprising? (Score:2)
Huh? (Score:1)
DON'T Protest KnujOn (Score:4, Informative)
In this case, some of these companies (Xin Net in particular) keep allowing the same spammers with the same obviously fake Whois info keep registering new domains. And Xin Net has suspended domains when KnujOn and others report them, and shortly afterwards, give them back to the same spammers.
Re: (Score:2)
I think you should protest by forwarding them all of your spam.
Re: (Score:2)
Sounds like someone makes a lot of money off of spam...
Awesome grammar in TFA (Score:1)
Loose accreditation? I thought that was the cause in the first place!
Re: (Score:2)
Who cares? I do. A lot of people do. You, on the other hand, seem to have an investment in keeping spamming easy and cheap. Let me guess where your paycheck comes from...
Color me confused? (Score:2)
Re: (Score:2)
PlanetOnline for the win (Score:1)
I'd love to see this in SpamAssassin or a URIBL (Score:3, Insightful)
I actually do something similar for my greylisting solution, scraping the SpamCop top offending /24 CIDR blocks and giving them a longer grey-time [wikidot.com]. It helps cut down on spam drastically.
I also do something similar within SpamAssassin, giving anything in APNIC an extra 0.5 points (with bayes and net). Here's that SA rule if you like:
As mentioned by earlier posts here, there are just too many hosts to implement a straight-up blacklist hack like the two I just mentioned. We'd need some easier whois lookup or URIBL mechanism to deal with this. And those registrars are BIG and surely likely to have legitimate sites hosted too, so it must be in its own SpamAssassin test with a lower score.
About damned time... (Score:2)
It's just too bad that these bumbling idiots [internic.org] are the ones tasked with trying to make the registrars fly straight.
Now if we could get some control of the ISPs and hosting companies, we could make some
Profits are profits, dirty money or not (Score:1)
The ONLY solution to elimination of spam is to stop it from being profitable vis a vis elimination of demand for its products.
Just a second while I head over to the eugenics lab and get the ball rolling, ok?
Re: (Score:2)
-The criminals at these registrars often used the same bogus contact info to register domains 1000+ times. They won't provide real info. A good registrar would suspend the domains of customers doing that until they provided real info - since the spammers wouldn't, they'd lose the domains. If the domains last hours instead of weeks, it's lost sales for the spammers, cost & time to register the new domain, and need to send out more spam with the new site.
-If registrars WON'T com
Python for the win! (Score:2)
I saw that this article is tagged:
...and I immediately heard that British waitress saying "Well, there's spam-it-spam-story, that's not got much spam in it." Wow I need to go outside more often.
We need a converse list. (Score:2)
Where's the list of the white-hat Registrars? I've got my two personal domains coming up for renewal.