Forgot your password?
typodupeerror

GoDaddy Holds Domains Hostage 389

Posted by CowboyNeal
from the pay-us dept.
saikou writes "There were previous reports of GoDaddy, one of the biggest domain name registrars, attacking Bittorrent sites with frivolous interpretation of their own Terms of Service (that story was resolved), and now similar events unfold with clients of one of Russian domain registrars Majordomo.ru -- GoDaddy has informed them that all 1399 client domains are now blocked (story in Russian) due to 'many of your domain names were listed in the Spamhaus.org blacklist or were resolving to a name server or IP address listed in the Spamhaus.org blacklist' with a demand of a neat '$199 non-refundable administration fee to the credit card on file for your account for each domain name you wish to reactivate' or $50 for each domain to be transferred out into another registrar. I am all for fighting spam, but given how unreliable spam black-lists are such actions simply damage the internet. Instead of affecting people that use spam lists to control the inflow of mail to some degree, all users are effectively forced to be black-list clients. Now all one needs to shut down a site is a few reports of spamming, and the domain (or even better, all domains of a given small registrar) will be suspended."
This discussion has been archived. No new comments can be posted.

GoDaddy Holds Domains Hostage

Comments Filter:
  • by a_greer2005 (863926) on Saturday June 17, 2006 @10:38AM (#15554689)
    Whats next, are you going to tell me that used car dealers can be less than fully honest? SAY IT AINT SO!
  • this is .... (Score:3, Informative)

    by scenestar (828656) on Saturday June 17, 2006 @10:38AM (#15554690) Homepage Journal
    Just a big of a threat to net neutrality as that QoS crap
    • QoS can be very handy for managing traffic on internal corporate networks. Like many other technologies (e.g. the Evil Petting Zoo), QoS can be applied for good or evil.
  • Shows what you know (Score:5, Informative)

    by AlphaSys (613947) on Saturday June 17, 2006 @10:43AM (#15554704)
    SpamHaus is one of the most conscientious, well-organized, ethical and reliable lists around. Their SBL-XBL list is nothing short of essential in weighting ham and spam. I don't rely upon RBL information alone when weighting ham and spam, but if I did, I'd use spamhaus and nothing else. I'd agree with poster that RBLs are not all that great a single measure and YMMV, but don't spread FUD about spamhaus. They're great.
    • SpamHaus is indeed one of the best outfits around, though I can see the poster's point if you're using one of the more unreliable services. The whole blacklist/whitelist idea is good, except where people abuse it as part of some personal vendetta or one company doesn't like another company. SpamHaus uses much better information to rot out just who is and isn't a spammer -- I'd be willing to bet their false positive rate is pretty low.

    • by sauge (930823)
      I hate all these idiot blackhole lists.

      One list complained my machine was using the wrong version of sendmail for their taste. Not one bit of spam came from the machine - but they listed it simply because I had an old version of sendmail.

      Since then I have considered all these lists to be unregulated vigilantes.

      Speaking with other people - they also found themselves listed on various BHLs over trite and stupid shit.

      With all the zombie computers out these days, BHLs are weapons of the last war anyhow.
    • by JohnWasser (888342) on Saturday June 17, 2006 @12:21PM (#15555050)
      Mail Delivery Subsystem to me Jun 15 (2 days ago)

      This is an automatically generated Delivery Status Notification

      Delivery to the following recipient failed permanently:

              xxxxxxx@frontiernet.net

      Technical details of permanent failure:
      PERM_FAILURE: SMTP Error (state 9): 554 Sorry, your mail server (py-out-1112.google.com[64.233.166.178]) is rejected using sbl-xbl.spamhaus.org. See http://postmaster.frontiernet.net/error.html#sbl-x bl [frontiernet.net]

          ----- Original message -----

      Received: by 10.35.115.18 with SMTP id s18mr2328477pym;
                    Wed, 14 Jun 2006 21:52:32 -0700 (PDT)
      Received: by 10.35.97.6 with HTTP; Wed, 14 Jun 2006 21:52:32 -0700 (PDT)
      Message-ID:
      Date: Thu, 15 Jun 2006 00:52:32 -0400
      From: "John Wasser"
      To: "xxxxxxx"
      Subject: Re: printer setup repair
      In-Reply-To:
      MIME-Version: 1.0
      Content-Type: text/plain; charset=ISO-8859-1; format=flowed
      Content-Transfer-Encoding: 7bit
      Content-Disposition: inline
      References:

      • PERM_FAILURE: SMTP Error (state 9): 554 Sorry, your mail server (py-out-1112.google.com[64.233.166.178]) is rejected using sbl-xbl.spamhaus.org. See http://postmaster.frontiernet.net/error.html#sbl-x [frontiernet.net] bl [frontiernet.net]

        This "evidence" appears to be fabricated. The IP address 64.233.166.178 is in fact not listed on Spamhaus at all:

        $ host 178.166.233.64.sbl-xbl.spamhaus.org
        Host 178.166.233.64.sbl-xbl.spamhaus.org not found: 3(NXDOMAIN)
        $

        or see the web lookup query [spamhaus.org] at spamhaus.org.

        • This "evidence" appears to be fabricated. The IP address 64.233.166.178 is in fact not listed on Spamhaus at all:

          The fact that it isn't listed NOW does not mean it wasn't listed THEN.

          I have had spamhaus block email from yahoo too. It has been for me quite a conundrum deciding if the the false positives spamhaus gives outweigh the true spam it blocks. They do generally fix these within a couple hours, but it is really frustrating that during those couple hours, all email going to my mail server from yahoo is
    • It's godaddy using spamhaus for purposes no sane person would believe is a good idea. AFAIK, there's no way a domain service provider can check in advance whether or not any given domain name applicant is or is not a spammer, anyone on the ROKSO list can use a fake business name in order to get a domain.

      Gaming what godaddy's doing to unjustly shut down a domain (or in this case, 1399 domains) is just too easy.

      Imagine having a legitimate website and having it shut down because godaddy has shut down your d

  • by Anon E. Muss (808473) on Saturday June 17, 2006 @10:43AM (#15554705)
    Once we allow domain registrars to become the Spam Police, very soon there will be political pressure for them to become the Content Police. It starts with spam and kiddie pron -- content that 99.999% of the world agrees is wrong. I guarantee it won't stop there.
    • by Halo1 (136547) <jonas.maebe@nOsPam.elis.ugent.be> on Saturday June 17, 2006 @10:50AM (#15554725) Homepage
      Actually, you need some level of self-policing to curb the problem if you want to demonstrate that laws are not necessary. Why should a domain name registrar be less responsible for spammers than hosting ISPs? Especially, since spammers nowadays often host their sites on hacked Windows boxes, with the DNS switching from one machine to another all the time (thus making the domain name their most important asset).
      • by eneville (745111) on Saturday June 17, 2006 @11:01AM (#15554758) Homepage
        If GoDaddy wants to make a stand they should alter their TOS to that effect BEFORE blocking domains. If they block the domains there should not be an extortionate fee to release it. The domain is neutral in this, the abuser should, although they are wrong, not have to pay GoDaddy in this way.
      • My answer would be that you don't know the domains spam originates from.

        Spam comes from an email server. A server can fake domain/origination names/addresses in emails, an email server is not a domain server, just a machine which may or may not be from that 'domain'. Simple. Domains that are linked in the spam could be traced, but are often taken down quickly and I could easily see some increase in deliberate noise/signal in spams using legitimate domains in amongst illigetimate ones in order to 'sell
        • And unfortunately, with DNS vulnerabilities being what they are, it's easy enough to spoof or move a domain from one IP to send out the spam then switch the domain somewhere else. A mail server isn't going to know that a domain has been spoofed or moved, just like the postman doesn't know you've moved unless you tell them.

        • Spamhaus collects domains used by major league spammers to host their sites, not domains appearing in the from-field of sent spam messages.
      • by asuffield (111848) <asuffield@suffields.me.uk> on Saturday June 17, 2006 @02:23PM (#15555469)
        Actually, you need some level of self-policing to curb the problem if you want to demonstrate that laws are not necessary.

        That's a disingenuous myth. It's far, far better to have laws than self-policing.

        Why?

        Because laws come with other laws guaranteeing you due process. 'Self-policing' means a corporate does whatever they feel like to you. This GoDaddy nonsense is a classic example: $200, pay-or-be-damned, no evidence, no appeals, no way to argue your case.

        The best thing of all is neither laws nor self-policing, but rather a common carrier. That's an entity which moves data for everybody and every purpose without limits, and in exchance is not responsible for any of the data they move. Sure the terrorists can use it, but that's better than government or corporate intervention. Whenever this is reasonably practical, it's better than all the alternatives. It may not be practical for the sale of firearms, but it's definitely practical for the sale of DNS names.
    • by Toe, The (545098) on Saturday June 17, 2006 @11:05AM (#15554773)
      Registrars are private entities... InterNIC is from last millennium.

      If you want to enforce that registrars cannot impose restrictions on their clients, then what kind of slippery slope are you encouraging?

      Are you saying that the worst murderous mobsters can operate massive criminal enterprises on a website hosted in an anarchistic country and their registrar should be prevented from denying them service?
      • by X0563511 (793323) * on Saturday June 17, 2006 @11:30AM (#15554861) Homepage Journal
        Yes. The registrar has no business doing anything but the following:
        OK, your bills are payed. Now when people type A, A is resolved to IP B instead of C (a parking page)

        It's the responsibility of law enforcement to enforce law. But, in your own argument, the site is hosted in an anarchistic country. We (and whatever country the registrar is based in) have NO BUSINESS imposing law or right/wrong on another sovergn country OR IT'S CITIZENS OR BUSINESSES. We can yell/scream/make noise/threaten as much as we want, but we cannot enforce our views on them.
        • by Anonymous Coward
          I remember doing whois lookups and digs, and with the domains resolving back to GoDaddy as the register from time to time, I would complain to them for allowing registration of what were obviously domain names for spamming or mlm purposes which always turn out to be spam related as well. So I'd be putting pressure on GoDaddy for allowing the registrations, for not having software to look for obvious spam names within the domain names they currently register, and for other actions that enable or provide ref
          • in other words (Score:4, Insightful)

            by alizard (107678) <{alizard} {at} {ecis.com}> on Saturday June 17, 2006 @08:29PM (#15556598) Homepage
            You support Godaddy shutting down domains that are inadvertently associated with spam due to actions unconnected to people who bought domains in good faith from them or a downstream provider unless they're yours.

            This isn't the equivalent of a property owner evicting a tenant for drug violations, this is the equivalent of a property owner evicting every tenant in one of his buildings because one tenant is dealing drugs.

      • by Mostly a lurker (634878) on Saturday June 17, 2006 @11:52AM (#15554939)
        Are you saying that the worst murderous mobsters can operate massive criminal enterprises on a website hosted in an anarchistic country and their registrar should be prevented from denying them service?
        Some people may have valid reasons to access government sites.
      • by NickFortune (613926) on Saturday June 17, 2006 @11:59AM (#15554973) Homepage Journal
        If you want to enforce that registrars cannot impose restrictions on their clients...

        I rather read that as GoDaddy imposing restrictions on the clients of another registrar. That hardly seems like behaviour we would wish to encourage.

        ...then what kind of slippery slope are you encouraging?

        Speaking of slipperly slopes, GoDaddy stand to make almost 300k from this stick up. I mean, it isn't as if this is going to solve anything, and it isn't as if GoDaddy are blocking them unconditionally. They're just saying "we want a slice of you're ill gotten gains or we drop all your packets.

        The thing is, if we let this pass, that gives lots of registrars an incentive to start eforcing the law as they see it, and for material gain. That's going to encourage them to define ill-doing on the net loosely, since they get tp shake down more nets

        Are you saying that the worst murderous mobsters can operate massive criminal enterprises on a website hosted in an anarchistic country and their registrar should be prevented from denying them service?

        You're either trolling, or else you're taking way too much for granted here.

        For example it's far from clear that murderous mobsters are involved, let along the worst sort (unless you define unsoilicited junk email as being identical to the unlawful taking of human life, that is). The criminality is open to question too since spamming is not (sadly) universally illegal.

        And that's just the domains registered to MajorDomo.ru. GoDaddy are demanding money with manaces from all those domains. Unless Majordomo have some weird negative vetting process for thier clients, then the chances are that not all of them are crooks.

        I can't see how GoDaddy have any ethical justification for their actions here, and I can't think of a single pargmatic reason why we should condone their behaviour

  • by creimer (824291) on Saturday June 17, 2006 @10:46AM (#15554710) Homepage
    Seriously, an outfit named "GoDaddy" was bound to say, "Who's your daddy?!"
  • Extortion (Score:5, Insightful)

    by aussie_a (778472) on Saturday June 17, 2006 @10:46AM (#15554711) Journal
    How is this little more then extortion? They have a thinly veiled reason, but let's say the spammers pay up. Their domain is re-activated. What then? How does that stop them from being spammers? This is just GoDaddy grabbing people willy nilly and forcing them to pay for fees they've already paid for.
    • I guess Go Daddy is aiming to spend Father's Day in jail.

      "Hi kids, thanks for visiting me here in prison. I tried to make spammers give me some of their drug money, but ended up asking innocent people for drug money too. Oops. Maybe next year we can go have that picnic in the park."
    • Re:Extortion (Score:5, Interesting)

      by neoform (551705) <djneoform@gmail.com> on Saturday June 17, 2006 @11:40AM (#15554891) Homepage
      Exactly, I had one of my domain names held hostage by them about 5 months ago. They told me they had received a complaint about spam for my domain and so I was required to pay $199USD. I told them to fuck off and wanted to transfer the domain to netsol, but godaddy REFUSED to allow me to transfer without first paying them the $200. I took me more than a month of yelling at their 'managers' on the phone who didn't give a shit about ICANN regulations before they allowed the transfer.

      Godaddy's policies are terrible, they will do anything to make extra money.
  • Damn it! (Score:2, Funny)

    by Anonymous Coward
    When is someone going to start running summaries through a spelling and grammar checker or even rewriting them because reading things without commas and necessary punctuation along with incredibly long sentences is extremely hard you know and this particular summary is even more confusing now because we can't tell what the submitter even meant but hey CowboyNeal just always does some copy&paste stuff without caring about the audience right and it isn't important at all if TFA is in Russian and the lette
    • Re:Damn it! (Score:2, Funny)

      by Zantetsuken (935350)
      because if they souped up the form for people to submit stuff to have a spell and grammar checker, people would complain it takes anywhere from a half second on their dsl or cable modem to 2 seconds longer on dialup - and if it wasnt that, they'd complain about whatever script for it not working in Safari, Opera, etc, for that matter, it'd probably be an IE only compatible script, and not at all standards compliant...
  • If registers start policing spam on their sites, they will have stepped onto a steep, slippery slope that leads to policing content.

    Spam is a problem, but handing even more power over to the registrars is not the answer to that problem.

    Registrars, ISPs, politicians, and diapers need to be changed frequently -- for approximately the same reasons(*).
    If I had any accounts with GoDaddy I'd be switching to Dotster or one of thousands of other registrars right now.

    (*)apologies to Heinlein
    • If registers start policing spam on their sites, they will have stepped onto a steep, slippery slope that leads to policing content.

      I think it's quite legitimate for a registrar to have terms of service and to reject hosting domains that violate these. If a registrar doesn't like porn, or multi-level marketing, or viagra sales, that's fine, as long as the customers are made aware of it beforehand. There are thousands of registrars, if you have a legitimate site you will ahve no problem finding hosting. B

  • So Sad (Score:5, Interesting)

    by PingXao (153057) on Saturday June 17, 2006 @10:49AM (#15554722)
    I just renewed a domain for 2 yrs with them and I sort of regret it. GoDaddy used to be a top-notch outfit. Low prices and no nonsense. These days it's low prices and lots of nonsense. Between the GoDaddy spam, other spammers they support via special arrangements, and their incredibly convoluted ordering and pricing schemes it's no wonder they're starting to plumb the depths of sleaze.

    The thing is their prices are so great it's really hard to justify going someplace else. You can pay up to $35 a year at some of the boutique registrars.
    • Re:So Sad (Score:4, Informative)

      by jez9999 (618189) on Saturday June 17, 2006 @11:03AM (#15554764) Homepage Journal
      namecheap.com. I have all but 1 of my domains with them, and that 1 is a .tv domain (when are they gonna become transferrable?!)

      As their name suggests, they are cheap. No-nonsense management interface and they're not Godaddy, which is always a plus. Only problem is their support could be a little more responsive.
    • Re:So Sad (Score:3, Informative)

      by jsmethers (977148)
      That's why I always use http://www.gandi.net/ [gandi.net]. They're both high quality and low cost. You can't beat 12 euro a year (about $15 USD) for the service they offer.
      • I'll second that. Gandi.net is exactly who I was going to recommend. Inexpensive, no-nonsense, and reliable.
  • Odd. (Score:3, Interesting)

    by beavis88 (25983) on Saturday June 17, 2006 @10:51AM (#15554727)
    GoDaddy is usually pretty good about pointing out BS like this (eg bogus .eu "registrars", companies taking advantage of domain registration cancellation grace period, etc). I don't much like their style of advertising, but otherwise, they have been a great company to deal with on my personal domains. I'm looking for a place to migrate my business domains as well; this story has given me some second thoughts...
    • Re:Odd. (Score:5, Funny)

      by bigman2003 (671309) on Saturday June 17, 2006 @10:57AM (#15554750) Homepage
      Sorry you don't like their advertising.

      Personally, I use GoDaddy for a domain registrar, and a host in some cases.

      The only reason I started was because of their commercials. A tech company willing to have totally gratuitous shots of a chick bouncing her big boobs...well, that's a company for me.

      Really- I did move a lot of business there because of the chick with big boobs. I guess that makes me shallow. Or a guy who likes boobs.

      You Go Daddy!
      • I certainly did enjoy their television advertising - I just don't much like all the on-site advertising and upsells. On the other hand, I recognize that the reality of low prices and decent service is that there will be a tradeoff to make somewhere. I can deal with wading through the crap to get good prices, but I rarely recommend their services to nontechnical friends lately, just because all the options can make purchasing quite confusing.
  • But good for GoDaddy. Spam is one of the scourges of the net and anyone who spams doesn't deserve to be on it.

    Besides, check out Spamhaus, it takes a lot more then a "few reports of spamming" to end up on their list. It takes solid evidence that you're a large-scale spammer or provide spam support services (such as bulletproof hosting)
  • by jiggerdot (976328) on Saturday June 17, 2006 @10:52AM (#15554733) Homepage
    The most fucked-up thing about this story is not the blocking of 1399(!) domains, but the fact that fact they CAN be reactivated, if only you pay 199$(!!) for "administration fees". This is not about policing the internet, it's about squeezing more money out of their customers. If this guy pays up, what prevents them from doing the same shit all over again 2 years from now? Hell, I'd like to know what their legal justification is now. Correct me if I'm wrong, but unless they are are hosting the stuff, they have no liabliity here, do they? Huh. I wonder if this can be used as an admissin on their end of being liable for content and actions of domains registered under them? Talk about watching an avalanche begin....
    • ... well, seeing as its "reactivation fees charged to the credit card on account" ... and that the REAL spammers probably used stolen cc info, they'll be going "no problem, comradeski, here's our NEW credit card info, charge away ... heck, charge it twice, you know, one for "next time", dah?".

      Of course, the non-spammers end up with a kick in the head.

      This isn't going to stop real spammers - they've got millions of windows slaves.

  • by Anonymous Coward on Saturday June 17, 2006 @10:54AM (#15554742)
    About six months ago, GoDaddy held 78 (yes, seventy-eight) of our domains hostage. They had all of our sites down (we receive approximately 2 million web server hits per day, about 160,000 unique sessions) for nearly 48 hours while we wrangled control of our domains back.

    What was their excuse?

    Someone outside of our organization had (for whatever unknown reason, as this is not our business) spammed using ONE of our domains as a the spoofed header-from domain. And yes, we publish SPF records. That wont stop idiots from trying.

    Anyway, I personally spent close to one hour on the phone with their "abuse" people (ironic that they consider what we were doing abusive). I explained the situation over and over to no avail. We escalated to their lead "abuse" person. Same story. "Your domain was in a spam and we do not allow this"... When I would try to explain that it was not from us or on our behalf in any way, shape, or form -- we were curtly told "that's not what we've been told."

    Now, I had also received the spam complaint. Their "abuse" ("abusive") people were going solely off what was written in this complaint itself. In ALL CAPS, the user cried bloody murder about "I DID NOT SIGN UP AND DO NOT WANT SPAMS FROM THESE PEOPLE"... GoDaddy did not lift one finger to actually investigate the situation and instead took the end users' word for it.

    We had to get our lawyers involved. We had to fax them threatening letters. Finally, they so gracefully allowed us to tranfer our domains away from GoDaddy to another registrar for the very low highjacking fee of $50 per domain we were going to transfer.

    Again -- this was not a spam from us, for us, or by us. It was a completely third party individual just randomly choosing our domain to spoof.

    GoDaddy is a goddamn scam and I hope their company gets burnt someday. It would not surprise me if the spam was created by them for the specific purpose of looting their more deep-pocketed customers through these $50 "re-activation" fees. Month getting slow? Craft up another fake spam. Fuckers.

    • by mgkimsal2 (200677) on Saturday June 17, 2006 @11:45AM (#15554910) Homepage
      That's a shame. I've got a lot of domains with godaddy.com but am testing out other registrars and will be migrating more away. It's not just these sorts of reports, but also their switch to Microsoft IIS for parked domains that bothers me some.

      The sad thing is that this sort of thing on their part really won't hurt all that much. How much money would they have made on each of your domains for the next *10* years? $30? I'm basing this on $3 profit ($9 - $6 wholesale cost - maybe it's different for them?) By forcing you to leave they've almost doubled that, and they don't have any work to do to service you for the next 10 years either!

      If they could simply extract $50 from every single domain-name-only customer to transfer away they would be *far* more profitable than they are now because there'd be less overhead and work to do.
    • So if someone fakes my email address in their spam I get burnt for it? I have some 3-letter email addresses that I registered way back then with what has now become one of the largest free internet mail providers in Germany. Nowdays I get a lot of returns on those, because spammers tried to spam an email address that does not exist any more faking my email address as theirs and the server is requiered to send an error message.

      Glad I am not with godaddy. Otherwise I should delete those accounts.

      Even worse if
    • by coop0030 (263345) on Saturday June 17, 2006 @12:57PM (#15555161) Homepage
      This happened to me with 10 domains. They held me hostage unless I paid some ridiculous amount.

      They claimed we were spamming AOL domains, and we were not! It was a third party. They wouldn't even send me a copy of the spam emails. They would not listen to reason, or anything. It was the worst feeling being held hostage like that.

      I didn't have lawyers to help me (couldn't afford them). You were lucky.

      Godaddy is a scam, and an extortionist. I hope this story spreads all over the internet.
    • Here, try this neat ICANN Registrar Complaint form [internic.net]. I can't say whether it's useful or not, but it couldn't hurt to fill it out.
    • I will back this up. (Score:5, Informative)

      by SlashChick (544252) * <erica AT erica DOT biz> on Saturday June 17, 2006 @02:05PM (#15555403) Homepage Journal
      Since the parent comment was written by an anonymous poster, I would like to add that one of our customers was put in the same situation by GoDaddy. His domain was used in a "joe job" (that is, someone sent out a spam with nonexistent addresses from his domain as the From: header in their spam emails.) He called us (his web hosting provider), furious, wanting to know why his domain name was down. We had received spam complaints as well, but since the spams were not from him and were not advertising his product (he runs a legitimate business that does not use email marketing), we did not shut him down. However, when running a quick WHOIS check on his domain, I noticed that GoDaddy had set his name servers to NS1/NS2.SUSPENDED-FOR-SPAM-AND-ABUSE.COM. This was well over a year ago and since then, I have urged all of our customers to switch away from GoDaddy. Some of our customers have responded, "But I don't spam anything!" Of course you don't. It doesn't matter. If any spammer sends out spam with your domain as the From address, even if you had nothing to do with that spam, and it gets reported to GoDaddy, your domain is toast.

      For what it's worth, we use eNom and have never had any problems with them. If you host more than a few domain names, get an eNom reseller account (many providers offer them for free) and pay the same price as GoDaddy. I recommend them highly; we have several hundred domains with them right now.
    • Best registrar... (Score:4, Interesting)

      by SonicSpike (242293) on Saturday June 17, 2006 @08:23PM (#15556585) Homepage Journal
      ...by far is DirectNIC.
      $15 and no bullshit.

      To me they are like the Google of registrars - "do no evil".

      They even are based out of NOLA and had very little if any downtime during Katrina. You can read about it and see damage to their building here:
      http://interdictor.livejournal.com/ [livejournal.com]
  • WTF? (Score:5, Funny)

    by Some guy named Chris (9720) on Saturday June 17, 2006 @10:54AM (#15554743) Journal
    Sometimes you read the article description, and actually know less than when you started.

    This is one of those times.
  • GoDaddy are not a organisation who should tell the domain registrant what they can and cannot do with their domains.

    If GoDaddy does not wish to be associated with the content or the use of the domains, then they should force the owners to transfer them to another registrar, such as preventing the name servers from being added.

    I wonder if this behaviour is aginst the ICANN rules.
  • by Howard Beale (92386) on Saturday June 17, 2006 @10:57AM (#15554751)
    First the Microsoft migration, now this. Anyone recommend a good, inexpensive registar that supports spf?

  • unreliable? (Score:3, Interesting)

    by Gary W. Longsine (124661) on Saturday June 17, 2006 @11:02AM (#15554762) Homepage Journal
    " I am all for fighting spam, but given how unreliable spam black-lists are such actions simply damage the internet. "
    Assuming the problem referred to in the article summary is that of false positives, I think "unreliable" is really a misleading term to apply to the blacklists. Some of them are relatively reliable at their intended purpose--helping people reduce spam by blocking sources of spam.

    The problems with false positives are really an externalized cost [wikipedia.org], which accrues largely to innocent and not-so-innocent third parties, since sometimes spam originates from IP addresses or domains where other legitimate traffic exits (innocently) but sometimes the owners of those domains are supporting the spam activity directly (not so innocently). Of course, some of the costs of blocked legitimate traffic accrue to the user of the spam list, but those folks are making a trade-off and pretty clearly feel the benefits to be worth the annoyances.

    Regarding the central thesis that taking actions like these "damage the internet," may I suggest that in fact the odds of "damage" to anyone are probabaly quite low, assuming that the Registrar does proper due diligence before taking such actions. They should not take the mere presense on a blacklist as gospel, but should check the domains directly themselves.

    I'm also amused at the likely effect of the "fee for restoration of service". Ticked-off innocent users will be unfairly charged, and are likely to complain very loudly. Such users will probably receive an apology from a help desk worker, and free restoration of service. Guilty users are financing their operation with stolen identity and credit cards and will probably just pay the fee using ill gotten booty. (Aaaarh, Matey! Make 'em swab the poop deck instead! [stanford.edu])
    • assuming that the Registrar does proper due diligence before taking such actions

      Read the experience of other posters ... that's not what's happened in the past.

      If someone's spamming, make them take their business elsewhere. Same as if someone goes into a restaurant and starts screaming at other cutomers - make them take their business elsewhere. The "pay us $199 reactivation fee and you're back up" would be more like telling the screamer in the restaurant "pay us a cover charge and you can abuse the o

  • Too drastic measures (Score:2, Interesting)

    by skoval (921501)
    Working at hosting provider's support in Russia I often had to inform clients by sending e-mail's to often not valid addresses about abuse reports. Basically I get no resonse until their site has been blocked. But sometimes we even couldn't do that if abuse was for domain resolving to our customer's server.
    Blocking ip's at registrar's layer for me is more preferable, but procedure of unlocking a domain is a bit frightening although. Mainly because of the response time.
    And blocking so many domain names is un
  • by Toe, The (545098) on Saturday June 17, 2006 @11:10AM (#15554792)

    "Now all one needs to shut down a site is a few reports of spamming, and the domain (or even better, all domains of a given small registrar) will be suspended."

    This demonstrates a poor understanding of how blacklisting works and how anti-spam actions are taken. Spammers who have actions taken against them usually have thousands of reports against them, from hundreds or thousands of disparate sources, over an extended period of time.

    • I had an open relay for no more than a week or two due to a misconfiguration. I wound up on a couple of spam blacklists as a result and had to jump through hoops to get myself removed. Maybe things have improved in the couple years since this happened, but it's quite possible to have actions taken in very short time, even if you conscientiously fix your honest error within a couple hours of discovering the problem.
    • by NormalVisual (565491) on Saturday June 17, 2006 @03:29PM (#15555670)
      I would say that you've never had the pleasure of having to deal with being blacklisted by an unreasonable asshole.

      I host my own mail and that of a friend. My friend was getting messages back from a couple of servers indicating that delivery of his mail was being denied because his (i.e. my) server was on the Abusive Hosts Blocking List (AHBL). Now, given that I have a very locked-down and tested qmail install and I'm providing valid SPF records from my DNS, I was a little perplexed. I got in touch with AHBL and was told that my entire IP range was on their blacklist simply because they had a beef with a particular spammer that operated from Time-Warner's network. I pointed out that this was a problem that concerned a completely different geographical area in TW's IP range, and that my IP was a static address within TW's business-class ranges. They basically said they didn't care, as my IP address belonged to TW, not to me, and because of that they absolutely were not going to unblock my IP address. It seems to me they consider their little infantile vigilante crusade against TW to be more important than anything else, even when it's pointed out to them that they are recommending the blocking of legitimate servers.

      Spam is certainly an annoyance to me (close to 1K every day), but I can't afford the possibility of losing valid e-mail because some idiot spam list admin has some kind of ideological problem with an ISP, so I don't use blacklists. I can't say that Spamhaus is any better or worse, but as far as I'm concerned, the staff at the AHBL (and Andrew Kirch in particular) can go fuck themselves with a large, jagged, rough-surfaced object.
  • We know that GoDaddy is migrating to Microsoft [netcraft.com]. Now, the question that must be asked is: does this migration have anything to do with increased spam problems?
  • It seems to me that godaddy has become a bad registrar over the past couple years. It has moved to MS servers, it has promoted the domain name hijacking market, it has severly degraded customer experience with exesive ads, and now had turned to extortion to make money.

    Now, don't get me wrong. If godaddy saw a registrant engaging in uncuth activity, I would have no problem with godaddy sending a letter saying the registrant had 30 days to find another registrar. I would not even have a big issue with go

  • Simple solution (Score:5, Interesting)

    by Joe U (443617) on Saturday June 17, 2006 @12:05PM (#15554993) Homepage Journal
    Pay the $50, move your domains, chargeback the $50 and/or file a suit in small claims court.

    They'll dispute the filing and keep pulling out parts of their license agreement to counter it. Dispute the agreement as being invalid. When all is said and done, you'll be out a few days of work, GoDaddy will have wasted a ton on lawyers.

    (Disclaimer: I am not a lawyer, this is Slashdot, use common sense, this is not advice, you are feeling sleepy...sleepy...SLEEPY...you want to buy me a 50" HDTV.)
    • Re:Simple solution (Score:3, Informative)

      by Ossifer (703813)
      Unfortunately you can't do a chargeback on this, unless you lie to your CC company. When you pay the $50, you have agreed to the charge, and (probably) do receive the service you pay for. I like the other route though. File cheaply in a local small claims court, file for the maximum small claims amount, and wait for godaddy to react. If the don't, profit! Or, if you want to be serious about it, file a charge of extortion with the FBI, and file a civil suit for extortion too...
  • by Apple Acolyte (517892) on Saturday June 17, 2006 @12:20PM (#15555048)
    I'm going to have to go a bit farther in researching this matter than reading the headline, but my tendency is to give Godaddy the benefit of the doubt. That choice has been influenced by unfortunate events that gripped my father's organization. A year ago some former members of my father's organization decided to end their affiliation with us, except that they chose to attempt a hostile, unlawful takeover instead of forming a separate entity. This minor faction concealed considerable resentment for us prior to the break-away, and they believed that they would be able to easily compel us to acquiesce and hand the corporation over to them. Settlement would not come easily. Long story short, after a year long legal battle and a year's worth of high-priced lawyer fees, the other side got crushed in a pre-trail ruling and had to begrudgingly accept our (relatively) generous terms.

    Now here's the Internet angle: A few months into the conflict, they started targeting our web hosts and domain registrars with unlawful DMCA notices and other underhanded legal tactics. We had been advised by one of our attorneys to go with Network Solutions instead of the smaller registrar we had been with since our domain's original creation; we chose to take the legal advice despite my grave misgivings. Predictably enough (given the myriad of horror stories about the company), Network Solutions locked down our domain on the basis of the opposition's lawsuit and refused to unlock it until the termination of legal proceedings. Plus, our domain was locked down while its DNS record pointed to a hosting company that also denied us service. It was terrifically devastating to effectively lose our domain and site for that period, as it had been our official domain since 1996. As for Godaddy, once our site got taken down indefinitely we transferred over to one of our secondary domains that was registered with Godaddy. Godaddy never took action against that domain - we never even got notice from them about the mater despite the fact the opposition obviously attempted the same maneuver against Godaddy that it used on NetSol. The only troubling thing about Godaddy's service was an automated message sent to us concerning an illegitimate challenge to our DNS contact information. Notably, the message claimed to give us only a few days to respond to the challenge before Godaddy would take action, which could have included registration deletion. We were able to take care of that issue with one phone call, and we were even given an unusually candid apology for the previous notice. Nonetheless, that experience was disconcerting. Despite that occurrence, Godaddy did not falter for us even in those adverse conditions, so I'll be staying with it unless and until it no longer merits my appreciation. (And for less important domains, I use the slightly cheaper 1and1.)
  • I don't trust spam lists to be accurate. If had recurring problems with SPEWS which have never been resolved. What if godaddy starts to steal domains who are listed in SPEWS? Or what if there's a problem with my web hosting service? No way am I going to be offline while trying to sort this out. Thank god my problem domain isn't on godaddy, but plenty of other ones are (yea, I collect them...lots of people do), and I will be moving them off, or at least moving them when their going to expire. This is bad bus
  • This isn't the first time GoDaddy has arbitarily done things like this....

    Lindsay Ashford, a promient memeber of the Paedophile community was once registered with GoDaddy until they started to yank his chain and play games [puellula.com] with him using Section Seven of their Domain Registration Agreement--specifically the bit about morally objectionable activities. Lindsay was given 24 hours in which to move the site (which he began to do) only to be informed via email the change over was blocked from GoDaddy's end without explaination. The strange thing is while there was never any child porn or illegal content on puellula.com [puellula.com]and GoDaddy never explained their actions, the site was also home to many racists and extremists hate [puellula.com] sites that were apparently never a problem. It finally took a complaint from Lindsay to ICAAN [wikipedia.org] before the domains were finally restored to him!

    GoDaddy is run by people who see no evil in groups such as: Skinheads [slashdot.org], Hammerskins, [slashdot.org]Aryan Nations [slashdot.org], White Camelia Knights of the Ku Klux Klan [slashdot.org], Ku Klux Klan [slashdot.org] all whom were still registered with GoDaddy as of roughly this time last year. Given the legal wrangling it took to get the company to turn over the domain names to their proper owners, why would anyone be surprised when they decide to dip into the extortion racket?

    Do yourself a favor and find a domain register who is willing to take care of their customers and isn't run by a bunch of racists who think we haven't done enough torture on the Guantanamo Bay prisioners!

    --I*Love*Green*Olives

  • by Chatmag (646500) <editor@chatmag.com> on Saturday June 17, 2006 @03:47PM (#15555729) Homepage Journal
    Bob Parsons, owner of GoDaddy, contributed $10,000.00 US [thewhir.com] to Perverted-Justice.com, an online vigilante [chatmag.com] group. Perverted-Justice is the group involved with Dateline NBC. Media groups and journalism scholars have taken Dateline NBC to task for journalism ethics violations [sfgate.com] regarding their involvement with Perverted-Justice.
  • by dookie01 (983278) on Saturday June 17, 2006 @04:40PM (#15555883)
    I have a domain with them, and suddenly stopped receiving any email for a few days. So I contacted them to findout what was going on, they said it appeared I was using the domaing for sending SPAM and they have launched an investigation to evaluate the content of the emails sent. I was confused so I looked into it and saw that the SMTP mail forwarding was open on my server and a spammer started using the account. GODADDY by default sets this as PUBLIC. So I contacted them to tell them what was going on and they told me my account might be suspended if I violated TOS. I explained I send around 3 emails a month on my account, and what had happened, but they just kept responding that it is being investigated. At the time I didn't know what was going on, but now I get it. I will be forwarding all my domains registered with back to Network Solutions, I am not a fan of sleezeball operations and extortion.
  • Digg (Score:3, Funny)

    by wbren (682133) on Saturday June 17, 2006 @06:50PM (#15556300) Homepage
    Well, here's a story you won't see on Diggnation.

    "This week's episode of Diggnation is brought to you by GoDaddy -- The people who are probably holding your domain hostage right now."
  • Actual Hard Info (Score:4, Informative)

    by Spazmania (174582) on Saturday June 17, 2006 @06:50PM (#15556302) Homepage
    Since the article is heavy on claims and light on the basis for those claims, I thought I'd dig in to it a bit. Turned out to be a difficult. I couldn't find the registration agreement via Godaddy's web page. I had to search Google for it.

    http://www.godaddy.com/gdshop/legal_agreements/sho w_doc.asp?se=+&pageid=REG_SA [godaddy.com]

    Section 7 is the one that deals with spam. Here's what it says:

    7. restriction of services; right of refusal

    You agree not to use the services provided by Go Daddy, or to allow or enable others, to use the services provided by Go Daddy for the purposes of:

            * The transmission of unsolicited email (Spam).
            * Repetitive, high volume inquires into any of the services provided by Go Daddy (i.e. domain name availability, etc.).

    If You are hosting Your domain's domain name servers ("DNS") on Go Daddy's servers, or are using our systems to forward a domain, URL, or otherwise to a system or site hosted elsewhere, or if You have your domain name registered with Go Daddy, You are responsible for ensuring that there is no excessive overloading on Go Daddy's DNS systems. You may not use Go Daddy's servers and Your domain as a source, intermediary, reply to address, or destination address for mail bombs, Internet packet flooding, packet corruption, or other abusive attack. Server hacking or other perpetration of security breaches is prohibited. You agree that Go Daddy reserves the right to deactivate Your domain name from its DNS system if Go Daddy deems it is the recipient of activities caused by your site that threaten the stability of its network.

    You agree that Go Daddy, in its sole discretion and without liability to You, may refuse to accept the registration of any domain name. Go Daddy also may in its sole discretion and without liability to You delete the registration of any domain name during the first thirty (30) days after registration has taken place. Go Daddy may also cancel the registration of a domain name, after thirty (30) days, if that name is being used in association with spam or morally objectionable activities. Morally objectionable activities will include, but not be limited to: activities designed to defame, embarrass, harm, abuse, threaten, slander or harass third parties; activities prohibited by the laws of the United States and/or foreign territories in which You conduct business; activities designed to encourage unlawful behavior by others, such as hate crimes, terrorism and child pornography; activities that are tortious, vulgar, obscene, invasive of the privacy of a third party, racially, ethnically, or otherwise objectionable; activities designed to impersonate the identity of a third party; and activities designed to harm minors in any way. In the event Go Daddy refuses a registration or deletes an existing registration during the first thirty (30) days after registration, You will receive a refund of any fees paid to Go Daddy in connection with the registration either being canceled or refused. In the event Go Daddy deletes the registration of a domain name being used in association with spam or morally objectionable activities, no refund will be issued.


    Okay, so there are some pretty nasty things in there. One thing I don't see is where they say they'll hold on to the name, refuse to let you transfer it or charge you an extra fee. In fact, they're quite specific: If you spam, they cancel the registration. Period.

    I also read the supposed letter from godaddy at http://majordomo.ru/about/letter.htm [majordomo.ru] . Maybe its just me, but the letter smells false. That's not the careful legal language I would expect from a company Godaddy's size faced with this sort of situation. I'm not discounting the possibility that its real, but it smells false. If I saw that letter in my inbox, I'd suspect phishing.

If I'd known computer science was going to be like this, I'd never have given up being a rock 'n' roll star. -- G. Hirst

Working...