ICANN Fumbles...Again

[Gerry]

I am beginning to think that ICANN't do anything right.

Even more discerning, I have the impression they do not care what others think, do, say, or write about them.

ICANN may be in for a reality check as governments are now taking notice and calling ICANN on the virtual carpet to explain. Recently we witnessed the US Dept of Commerce cautioning ICANN regarding the release of new TLD's.

If ICANN would police the registrars or clean its own act up then others would feel less inclined to feel they must step in.

Some registrars believe simply because it is in their TOS that you can't do this, you can't do that - they believe that this statement(s) release them from any wrong doing.

I don't think so.

Witness the latest negative press to appear in non other than the Washington Post. Not only is this printed in our Nation's Capital, but we criticize things like the Snowe Bill for not knowing anything.

Well, when law makers get their news and information from the press then we should expect some to come out against certain issues. Olympia Snowe claims she is protecting consumers. In her mind and the minds of her constituents, she is doing exactly that.

So rather than the Registrars in this piece take a stand to clean up their act, the take a rather defiant stand.

Report: Most Spam Sites Tied to Just 10 Registrars

Nearly 83 percent of all Web sites advertised through spam can be traced back to just 10 domain name registrars, according to a study to be released this week.

The data come from millions of junk messages collected over the past year by Knujon ("no junk" spelled backwards and pronounced "new john"), an anti-spam outfit that tries to convince registrars to dismantle spam sites.

While there are roughly 900 accredited domain name registrars, spammers appear to register the Web sites they advertise in junk e-mail through just one percent of those registrars. Knujon's rankings include:

1. XinNet Cyber Information Company Limited
2. eNom
3. Network Solutions
4. Register.com
5. Planet Online
6. Regtime Ltd.
7. OnlineNIC Inc.
8. Spot Domain LLC
9. wild west Domains
10. Hichina Web Solutions

Bill Mushkin, chief executive at Spot Domain LLC (a.k.a. domainsite.com), called Bruen's study "amazingly unscientific," and said it fails to measure how well registrars respond to reports about spammy domains. In any event, he said, while registrars have a duty under their contract with ICANN to suspend domains with blatantly false or missing data in their WHOIS contact records, there is nothing in their contract that requires them to shutter domains advertised in spam.

"I do not believe it is our duty. It would be great for us if there were some sort of governing body that says you need to shut them down, because the downside of shutting anybody off is that if you're wrong, you're really screwing up someone's life or businesses," Mushkin said. "If it were black and white and simple and we knew for sure in each case, it would be really easy. But it's not like that."

eNom also questioned the reliability of Knujon's data, saying the customers suspected of using its products and services for sending spam are investigated, and if eNom determines there is a problem with spam, the company "takes appropriate action to resolve the situation."

"We hope to have an opportunity to review KnuJon's research and understand their formulas for pulling together this data, as we question their algorithm and its ability to accurately measure which registrars are fighting spam the most, or which are the most spam-friendly," the company said in a statement e-mailed to Security Fix.

Complete Story

My point is that this invites closer scrutiny by governments and consumer protection agencies.

And Registrars, just like domainers and ICANN, have a responsibilty to ensure this is not going on within their confines.

The whole read is actually pretty good as you will see what ICANN has done in the past and who has been shuttered.

But from a consumers point of view (and you are a consumer) this does not look good. And when consumers start sending a message to their elected officials the end result may not be so pretty.

As I have said before and I will say it again - domainers do not run the internet. They just wish they did.

[Acro]

ICANNT does everything right, thank you very much!

[draggar]

1. XinNet Cyber Information Company Limited
2. eNom
3. Network Solutions
4. Register.com
5. Planet Online
6. Regtime Ltd.
7. OnlineNIC Inc.
8. Spot Domain LLC
9. wild west Domains
10. Hichina Web Solutions

I'm glad the only one I closely work with is Wild West (Aren't they a big reseller for GoDaddy?). The only time I work with eNom, NetSol, or Register is with dropped domains (the 2-3 a get a year).

Hopefully someone will give them a boot up the rear.

The question is - though - is this spam going though the registrars or outside email services?

[Vision]

Doc,

Thank you for posting this intel -- as always, you are ahead of the curve. ICANN is secretive and slow — perhaps, it will be replaced at some point.

On September 25, 2006 the ICANN Board of Directors and the U.S. Department of Commerce renewed their "Affirmation of Responsibilities"

Here is their Agreement (it will terminate on September 2009)

Obama appointed a conservative Republican, Judd Gregg, to lead the U.S. Commerce Department -- lets see if the Agreement with ICANN is renewed, modified or rejected this September.

[Acro]

Judd Gregg....sounds like .....


















Judge Dredd!!
...we are doomed.

[Gerry]

Doc,

Thank you for posting this intel -- as always, you are ahead of the curve. ICANN is secretive and slow — perhaps, it will be replaced at some point.

On September 25, 2006 the ICANN Board of Directors and the U.S. Department of Commerce renewed their "Affirmation of Responsibilities"

Here is their Agreement (it will terminate on September 2009)

Obama appointed a conservative Republican, Judd Gregg, to lead the U.S. Commerce Department -- lets see if the Agreement with ICANN is renewed, modified or rejected this September.

I just wonder if ICANN has lived beyond their usefulness - or prehaps uselessness as some may see.

There is too much happening too fast and someone may need to step in and take over the wheel and put the brakes on.

In regards to the new proposed tlds - it all boils down to how it is controlled on the registrars end.

Granted, if Coke wanted its own TLD you better believe that it will be their own tld. These global brands would not be created for the pleasure for domainers. These brands and their name would be so closely kept. Would it be a good move for some like .coke, .ebay, .ford? Perhaps. They already spend millions of dollars on promotions and releasing new products. Having their own tld may honestly save them money in the long run. I can honestly see the validity to some of these. There are countless ways to connect to the internet now and lord knows how many more are in the making.

As for the generic names...some would have its place on the internet. Especially those that are generic and offer a service or product. I actually like the idea of something like .music. If it is handled well and packaged appropriately any of the generic words could be good. When you think of all the kazillions of ways to get music. Now with onboard car computers like SYNC, PC's, laptops, mobile and voice commands, imagine being in your car and simply saying jazz music, hip hop music and the station comes on. Sure, you can probably do the configuring your self and hit the presets...but this is all about a matter of convenience. I have XM in one of my vehicles and I will never ever ever be able to recite all the stations. And I don't have time to scroll every single one to sample.

Blues music what could be more simple?

And the cc tld's? Why not. Everyone (country) wants their own identifying tld. It is a source of identity and national pride.

But...

a mess like this article posted in the Washington Post. Not a good thing.

If 10 registrars are alleged to be responsible for 83% of the spam what do you think these legislators are to say? You want to add to this problem?

Keep in mind that these are not domainers. They do not know how the internet works in regards to ICAAN and the registrars. They are a consumer and all they read and see is spam spam spam

Whether or not someone likes Obama or not is not the issue. The issue is spam spam spam. And all the registars can cry foul foul foul as loud as they want to and it will not have the same resonance of Capital Hill.

So if you want to see less legislation on domains and domainers (and this does affect all domainers globally) then it needs to start at this level.

This forum is attended by most of the registrars and parking companies. They need to be more active and pro-active on DNF. It is their livelihood that is at stake.

If there comes to be a new governing body that makes ICANN obsolete or new legislation because of the domain industry's lack of oversight and enforcement - then right here at this level is where the hammer is going to fall.

[dominator]

1. XinNet Cyber Information Company Limited
2. eNom
3. Network Solutions
4. Register.com
5. Planet Online
6. Regtime Ltd.
7. OnlineNIC Inc.
8. Spot Domain LLC
9. wild west Domains
10. Hichina Web Solutions

you should provide a relative number
i.e. the number of spammer domains to all domains of the respective registrar (percentage)

btw: i hate spam

[Gerry]

you should provide a relative number
i.e. the number of spammer domains to all domains of the respective registrar (percentage)

btw: i hate spam

Not my report, not my piece in the Washington Post.

Perhaps the full report cited would have that info.

In regards to a relative number I think that is immaterial considering that the headline reports these 10 listed are responsible for 83% of the spamming activity.

[draggar]

Obama appointed a conservative Republican, Judd Gregg, to lead the U.S. Commerce Department -- lets see if the Agreement with ICANN is renewed, modified or rejected this September.

Judd Gregg....sounds like .....

Just ask anyone who lived in NH how, er, what, he did to the state. If you want, I can ask my parents.

NH is one of the most conservative states in the country (take out Portsmouth and NH could write the book on conservativeness).

[BobDiGiTaL]

http://voices.washingtonpost.com/sec...knuchart2.html

here's a chart of domains by registrar

[whitebark]

there is nothing in their contract that requires them to shutter domains advertised in spam.

Have to be careful there. If they zealously start closing such sites what's to stop people from spamming their competitor's url via email and all over the net knowing they will get shut down post-haste?

[biggedon]

don't know how Enom got to be #2. on the list.

i would say that in the 7 years i've been with Enom, that i have never received any spam from them

so maybe it's a set-up

From my experience:

when registering domains, Enom sends "1" email per transaction

GoDaddy > sends 3 per transaction
snapnames > sends 3 per transaction
netsol > sends 3 emails just for transfer requests to try and keep you from transferring out.
register.com > sends unsolicited email bimonthly.

[Gerry]

spammers appear to register the Web sites they advertise in junk e-mail through just one percent of those registrars

It is a matter of the source of the email and which registrars that source is tied to.

This is basically a finding that most spammers will registrar with 1. XinNet Cyber Information Company Limited then 2. eNom. This is where the web sites responsible for generating the spam are registered.

This is not saying that the registrar is the spammer.

[biggedon]

This is not saying that the registrar is the spammer.

it certainly gives that impression, which could have legal consequences.

[LGC_Avenger]

I am beginning to think that ICANN't do anything right.

Even more discerning, I have the impression they do not care what others think, do, say, or write about them.

ICANN may be in for a reality check as governments are now taking notice and calling ICANN on the virtual carpet to explain. Recently we witnessed the US Dept of Commerce cautioning ICANN regarding the release of new TLD's.

If ICANN would police the registrars or clean its own act up then others would feel less inclined to feel they must step in.

Some registrars believe simply because it is in their TOS that you can't do this, you can't do that - they believe that this statement(s) release them from any wrong doing.

I don't think so.

Witness the latest negative press to appear in non other than the Washington Post. Not only is this printed in our Nation's Capital, but we criticize things like the Snowe Bill for not knowing anything.

Well, when law makers get their news and information from the press then we should expect some to come out against certain issues. Olympia Snowe claims she is protecting consumers. In her mind and the minds of her constituents, she is doing exactly that.

So rather than the Registrars in this piece take a stand to clean up their act, the take a rather defiant stand.

Report: Most Spam Sites Tied to Just 10 Registrars

Nearly 83 percent of all Web sites advertised through spam can be traced back to just 10 domain name registrars, according to a study to be released this week.

The data come from millions of junk messages collected over the past year by Knujon ("no junk" spelled backwards and pronounced "new john"), an anti-spam outfit that tries to convince registrars to dismantle spam sites.

While there are roughly 900 accredited domain name registrars, spammers appear to register the Web sites they advertise in junk e-mail through just one percent of those registrars. Knujon's rankings include:

1. XinNet Cyber Information Company Limited
2. eNom
3. Network Solutions
4. Register.com
5. Planet Online
6. Regtime Ltd.
7. OnlineNIC Inc.
8. Spot Domain LLC
9. wild west Domains
10. Hichina Web Solutions

Bill Mushkin, chief executive at Spot Domain LLC (a.k.a. domainsite.com), called Bruen's study "amazingly unscientific," and said it fails to measure how well registrars respond to reports about spammy domains. In any event, he said, while registrars have a duty under their contract with ICANN to suspend domains with blatantly false or missing data in their WHOIS contact records, there is nothing in their contract that requires them to shutter domains advertised in spam.

"I do not believe it is our duty. It would be great for us if there were some sort of governing body that says you need to shut them down, because the downside of shutting anybody off is that if you're wrong, you're really screwing up someone's life or businesses," Mushkin said. "If it were black and white and simple and we knew for sure in each case, it would be really easy. But it's not like that."

eNom also questioned the reliability of Knujon's data, saying the customers suspected of using its products and services for sending spam are investigated, and if eNom determines there is a problem with spam, the company "takes appropriate action to resolve the situation."

"We hope to have an opportunity to review KnuJon's research and understand their formulas for pulling together this data, as we question their algorithm and its ability to accurately measure which registrars are fighting spam the most, or which are the most spam-friendly," the company said in a statement e-mailed to Security Fix.

Complete Story

My point is that this invites closer scrutiny by governments and consumer protection agencies.

And Registrars, just like domainers and ICANN, have a responsibilty to ensure this is not going on within their confines.

The whole read is actually pretty good as you will see what ICANN has done in the past and who has been shuttered.

But from a consumers point of view (and you are a consumer) this does not look good. And when consumers start sending a message to their elected officials the end result may not be so pretty.

As I have said before and I will say it again - domainers do not run the internet. They just wish they did.

Very interesting article.

[dominator]

it is wrong to hold registrars responsible for spam or any content

web Hosting companies/email providers should be

[Meridian66]

it is wrong to hold registrars responsible for spam or any content

web Hosting companies/email providers should be

Yes!
When they shut down the major spam-friendly hosting company last year, it caused an immediate and dramatic drop in spam (until they shifted to another friendly host).

http://www.washingtonpost.com/wp-dyn...111202662.html
The volume of junk e-mail sent worldwide may have dropped drastically yesterday after a Web-hosting firm, identified by many in the computer security community as a major host of organizations engaged in spam activity, was taken offline.

McColo, a San Jose Web-hosting company that, according to computer security experts, serves as a U.S. staging ground for international firms that sell a variety of items, including counterfeit pharmaceuticals and child pornography, ceased operations after two Internet providers blocked Web access.

SecureWorks, an Atlanta security-services provider, estimates that McColo was responsible for 75 percent of all spam sent in the United States each day.

[Donald Aquilano]

Just ask anyone who lived in NH how, er, what, he did to the state. If you want, I can ask my parents.

NH is one of the most conservative states in the country (take out Portsmouth and NH could write the book on conservativeness).

Judd Gregg can't be that bad if Obama wants him in his administration.

What did he do that was so bad in NH? Do tell I like to hear how evil this so called conservative is

[katherine]

it is wrong to hold registrars responsible for spam or any content

web Hosting companies/email providers should be

Yes, but the spammers can move to another host while disabling the whole domain is even more effective.

[dominator]

Yes, but the spammers can move to another host while disabling the whole domain is even more effective.

the most effective would be to shut down the whole internet
but we still do not want to do it

spammers can also change the registrar
or (theoretically) stop sending spam

domains should be independent

why should registrars spend our money to fight spam?
(and btw, this system could be also abused)

it should be solved among web Hosting companies and ISPs
they allow sending millions of email

and only exceptionally somebody can legally send millions of (almost identical) emails

this should be stopped

free domain names are like free speech