Journal damn_registrars's Journal: The connection between spam and bad registrars
Spam is propagated across the internet for one reason - to make money. Web sites are advertised via spam ("spamvertised") to sell goods over the internet. However, there is a party that collaborates in this conspiracy that needs to have light shone upon them - internet registrars.
I have previously mentioned that much of the spam on the internet is made possible by complacent registrars, and now I will elaborate on that statement. While there certainly are good registrars available, there are also many bad registrars who are known for being willing to work with spammers.
Spamvertised sites are usually listed by domains in the spam emails that are sent out. Using a domain, rather than a numeric IP address, has an advantage for the spammers - especially in the ability to easily re-map a domain name to a new IP address whenever necessary.
So how can I state that there are distinctly bad registrars? It is fairly simple to detect. Namely, spammers tend to register large numbers of domains at a time, through only one or two registrars at a time. As an example, I frequently receive spam from domains sold to "Leo Kuvayev", also known as Alex Rodrigez (note the spelling difference from Alex Rodriguez [of the New York Yankees]). By doing a simple WHOIS search on the domains that are spamvertised to my email address, I can see some of the hundreds of domains that he has purchased. Furthermore, I can see that he has a short list of registrars that he prefers to use.
This short list of registrars is where the problem lies. There are registrars that are accredited by ICANN, but located overseas where of course the US CAN-SPAM ACT does not apply. These registrars are willing to sell Kuvayev large numbers of domains at a time, knowing that they will be used for nefarious purposes. Even after contacting the registrars, and pointing out to them that these domains are being used as such, the registrars continue to sell domains to these people.
The problem also follows into the name services (NS) records for these domains. As the spamvertised domain changes, the NS record remains the same. This of course likely means that the spammers own the domains that they use for NS.
So the connection between the spammers and the registrars is simple - profit. The registrars charge a price to the customer (in this case the spammer) for the services of registration. The spammers don't mind paying for numerous domains, either because they are making back the money in sales, or because they are getting a special deal through the registrar. And in the end, the registrar plays stupid to protect the customer.
Hence, while registrars are not themselves propagating spam, there are plenty of bad registrars that intentionally make business decisions that allow spam to propagate.
I have previously mentioned that much of the spam on the internet is made possible by complacent registrars, and now I will elaborate on that statement. While there certainly are good registrars available, there are also many bad registrars who are known for being willing to work with spammers.
Spamvertised sites are usually listed by domains in the spam emails that are sent out. Using a domain, rather than a numeric IP address, has an advantage for the spammers - especially in the ability to easily re-map a domain name to a new IP address whenever necessary.
So how can I state that there are distinctly bad registrars? It is fairly simple to detect. Namely, spammers tend to register large numbers of domains at a time, through only one or two registrars at a time. As an example, I frequently receive spam from domains sold to "Leo Kuvayev", also known as Alex Rodrigez (note the spelling difference from Alex Rodriguez [of the New York Yankees]). By doing a simple WHOIS search on the domains that are spamvertised to my email address, I can see some of the hundreds of domains that he has purchased. Furthermore, I can see that he has a short list of registrars that he prefers to use.
This short list of registrars is where the problem lies. There are registrars that are accredited by ICANN, but located overseas where of course the US CAN-SPAM ACT does not apply. These registrars are willing to sell Kuvayev large numbers of domains at a time, knowing that they will be used for nefarious purposes. Even after contacting the registrars, and pointing out to them that these domains are being used as such, the registrars continue to sell domains to these people.
The problem also follows into the name services (NS) records for these domains. As the spamvertised domain changes, the NS record remains the same. This of course likely means that the spammers own the domains that they use for NS.
So the connection between the spammers and the registrars is simple - profit. The registrars charge a price to the customer (in this case the spammer) for the services of registration. The spammers don't mind paying for numerous domains, either because they are making back the money in sales, or because they are getting a special deal through the registrar. And in the end, the registrar plays stupid to protect the customer.
Hence, while registrars are not themselves propagating spam, there are plenty of bad registrars that intentionally make business decisions that allow spam to propagate.
The connection between spam and bad registrars More Login
The connection between spam and bad registrars
Slashdot Top Deals