ietf-asrg
[Top] [All Lists]

Re: [Asrg] Assume perfect knowledge by domain registry provisioners, so what?

2003-05-08 23:22:57

From: David Walker <antispam(_at_)grax(_dot_)com>

I can't imagine a scenario where a registry provider would be concerned about
spam as a part of providing registry services.  A registry doesn't gain or
lose because a registered domain is used for spam and they don't have any
dutues in overseeing how a domain is used.

Spammers do not use their real info when registering domains. However ICANN as part of their policy and as stated in their written contracts with the registrars and registries requires all domains to have valid contact information in the WHOIS database. Unfortunatly this rule has not been widely enforced and the pnly registrar that I am aware of being fined or warned is Verisign. But theoritically speaking if this rule is enforced then the registrars will care if the domain has valid info. Thus they will come to care about domains being used for spam since they can be fined by ICANN.

That in turn will lead to spammers using contact info of others, postal mailbox services, domains registered via proxy (like the service provide by godaddy.com), etc. Also they will now have a greater incentive to hack into DNS, registrars and hijack domains via false transfers (like the sex.com case). However that will lead them more into the physical world where they can be easier to trace. Plus using other people's info might be a bigger crime than spam itself and will attract attention of LEA.

I would suggest in general that the working group should recommend to ICANN a stricter enforcement of the WHOIS rules (securing the DNS to guard against attacks that will increase might help too).
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>