GoDaddy Holds Domains Hostage

saikou writes "There were previous reports of GoDaddy, one of the biggest domain name registrars, attacking Bittorrent sites with frivolous interpretation of their own Terms of Service (that story was resolved), and now similar events unfold with clients of one of Russian domain registrars Majordomo.ru -- GoDaddy has informed them that all 1399 client domains are now blocked (story in Russian) due to 'many of your domain names were listed in the Spamhaus.org blacklist or were resolving to a name server or IP address listed in the Spamhaus.org blacklist' with a demand of a neat '$199 non-refundable administration fee to the credit card on file for your account for each domain name you wish to reactivate' or $50 for each domain to be transferred out into another registrar. I am all for fighting spam, but given how unreliable spam black-lists are such actions simply damage the internet. Instead of affecting people that use spam lists to control the inflow of mail to some degree, all users are effectively forced to be black-list clients. Now all one needs to shut down a site is a few reports of spamming, and the domain (or even better, all domains of a given small registrar) will be suspended."

this is ....

[scenestar]

Just a big of a threat to net neutrality as that QoS crap

Shows what you know

[AlphaSys]

SpamHaus is one of the most conscientious, well-organized, ethical and reliable lists around. Their SBL-XBL list is nothing short of essential in weighting ham and spam. I don't rely upon RBL information alone when weighting ham and spam, but if I did, I'd use spamhaus and nothing else. I'd agree with poster that RBLs are not all that great a single measure and YMMV, but don't spread FUD about spamhaus. They're great.

Re:So Sad

[jez9999]

namecheap.com. I have all but 1 of my domains with them, and that 1 is a .tv domain (when are they gonna become transferrable?!)

As their name suggests, they are cheap. No-nonsense management interface and they're not Godaddy, which is always a plus. Only problem is their support could be a little more responsive.

Re:So Sad

[jsmethers]

That's why I always use http://www.gandi.net/ [gandi.net]. They're both high quality and low cost. You can't beat 12 euro a year (about $15 USD) for the service they offer.

Re:Uh... what?

[Cyberax]

The summary is really unclear (I'm a native Russian speaker, BTW).

Majordomo uses GoDaddy for international domain registrations for some of their clients. GoDaddy has blocked 1399 accounts of Majordomo clients because of spam suspicions.

Majordomo has nothing to do with this extortion scam.

It takes more than a "few reports"

[Toe, The]

"Now all one needs to shut down a site is a few reports of spamming, and the domain (or even better, all domains of a given small registrar) will be suspended."

This demonstrates a poor understanding of how blacklisting works and how anti-spam actions are taken. Spammers who have actions taken against them usually have thousands of reports against them, from hundreds or thousands of disparate sources, over an extended period of time.

Re:Very dangerous precedent

[PRC Banker]

My answer would be that you don't know the domains spam originates from.

Spam comes from an email server. A server can fake domain/origination names/addresses in emails, an email server is not a domain server, just a machine which may or may not be from that 'domain'. Simple. Domains that are linked in the spam could be traced, but are often taken down quickly and I could easily see some increase in deliberate noise/signal in spams using legitimate domains in amongst illigetimate ones in order to 'sell' products/services (i.e. using legitimate domains in URLs pertaining to spams, which are useless to sell the spammer's products, but may increase pressure in crackdowns against domains linked to by spammers).

Re:Very dangerous precedent

[Halo1]

Spamhaus collects domains used by major league spammers to host their sites, not domains appearing in the from-field of sent spam messages.

Re:GoDaddy did this to us, too!

[coop0030]

This happened to me with 10 domains. They held me hostage unless I paid some ridiculous amount.

They claimed we were spamming AOL domains, and we were not! It was a third party. They wouldn't even send me a copy of the spam emails. They would not listen to reason, or anything. It was the worst feeling being held hostage like that.

I didn't have lawyers to help me (couldn't afford them). You were lucky.

Godaddy is a scam, and an extortionist. I hope this story spreads all over the internet.

Re:Simple solution

[Ossifer]

Unfortunately you can't do a chargeback on this, unless you lie to your CC company. When you pay the $50, you have agreed to the charge, and (probably) do receive the service you pay for. I like the other route though. File cheaply in a local small claims court, file for the maximum small claims amount, and wait for godaddy to react. If the don't, profit! Or, if you want to be serious about it, file a charge of extortion with the FBI, and file a civil suit for extortion too...

I will back this up.

[SlashChick]

Since the parent comment was written by an anonymous poster, I would like to add that one of our customers was put in the same situation by GoDaddy. His domain was used in a "joe job" (that is, someone sent out a spam with nonexistent addresses from his domain as the From: header in their spam emails.) He called us (his web hosting provider), furious, wanting to know why his domain name was down. We had received spam complaints as well, but since the spams were not from him and were not advertising his product (he runs a legitimate business that does not use email marketing), we did not shut him down. However, when running a quick WHOIS check on his domain, I noticed that GoDaddy had set his name servers to NS1/NS2.SUSPENDED-FOR-SPAM-AND-ABUSE.COM. This was well over a year ago and since then, I have urged all of our customers to switch away from GoDaddy. Some of our customers have responded, "But I don't spam anything!" Of course you don't. It doesn't matter. If any spammer sends out spam with your domain as the From address, even if you had nothing to do with that spam, and it gets reported to GoDaddy, your domain is toast.

For what it's worth, we use eNom and have never had any problems with them. If you host more than a few domain names, get an eNom reseller account (many providers offer them for free) and pay the same price as GoDaddy. I recommend them highly; we have several hundred domains with them right now.

Re:Obligatory alternative registrar thread

[Anonymous Coward]

check out gkg.net i've been using them for 5 years for all my domains (5 or 6). they offer web-based tools to manage all the normal features you would expect, and when i have needed their help with somethin (rarely), they have responded quickly and have been helpful. it just feels more honest than other registrars. great prices too.

highly recommended, and no, I don't work for or make any money from gkg.net.

GoDaddy Has a History of These Things...

[I*Love*Green*Olives]

This isn't the first time GoDaddy has arbitarily done things like this....

Lindsay Ashford, a promient memeber of the Paedophile community was once registered with GoDaddy until they started to yank his chain and play games [puellula.com] with him using Section Seven of their Domain Registration Agreement--specifically the bit about morally objectionable activities. Lindsay was given 24 hours in which to move the site (which he began to do) only to be informed via email the change over was blocked from GoDaddy's end without explaination. The strange thing is while there was never any child porn or illegal content on puellula.com [puellula.com]and GoDaddy never explained their actions, the site was also home to many racists and extremists hate [puellula.com] sites that were apparently never a problem. It finally took a complaint from Lindsay to ICAAN [wikipedia.org] before the domains were finally restored to him!

GoDaddy is run by people who see no evil in groups such as: Skinheads [slashdot.org], Hammerskins, [slashdot.org]Aryan Nations [slashdot.org], White Camelia Knights of the Ku Klux Klan [slashdot.org], Ku Klux Klan [slashdot.org] all whom were still registered with GoDaddy as of roughly this time last year. Given the legal wrangling it took to get the company to turn over the domain names to their proper owners, why would anyone be surprised when they decide to dip into the extortion racket?

Do yourself a favor and find a domain register who is willing to take care of their customers and isn't run by a bunch of racists who think we haven't done enough torture on the Guantanamo Bay prisioners!

--I*Love*Green*Olives

Re:a company selling $2 domain names is shady!!!

[rs79]

"Something like $6 or $7 per domain?"

$6 last time I checked.

Bob Parsons contributes to online vigilantes.

[Chatmag]

Bob Parsons, owner of GoDaddy, contributed $10,000.00 US [thewhir.com] to Perverted-Justice.com, an online vigilante [chatmag.com] group. Perverted-Justice is the group involved with Dateline NBC. Media groups and journalism scholars have taken Dateline NBC to task for journalism ethics violations [sfgate.com] regarding their involvement with Perverted-Justice.

GoDaddy tried to scam me last month also

[dookie01]

I have a domain with them, and suddenly stopped receiving any email for a few days. So I contacted them to findout what was going on, they said it appeared I was using the domaing for sending SPAM and they have launched an investigation to evaluate the content of the emails sent. I was confused so I looked into it and saw that the SMTP mail forwarding was open on my server and a spammer started using the account. GODADDY by default sets this as PUBLIC. So I contacted them to tell them what was going on and they told me my account might be suspended if I violated TOS. I explained I send around 3 emails a month on my account, and what had happened, but they just kept responding that it is being investigated. At the time I didn't know what was going on, but now I get it. I will be forwarding all my domains registered with back to Network Solutions, I am not a fan of sleezeball operations and extortion.

Intellectual Property, Expropriation, Extortion

[Anonymous Coward]

GoDaddy held my domain hostage because they decided some of the registered information on the account was invalid, and I had failed to fix the info within 2 weeks of some emailed notice (which I never received). I told them that domain names are an Intellectual Property that is recognized worldwide on WIPO treaties and that you need a court order to expropriate one. They closed their service on me and held the domain hostage for over one month, but they finally added it back to my account after threats of law suits.

Seriously, WIPO treaty should guarantee domain names property protections, and a registrar can not just decide to hold them hostage for any reason. No matter what their rules are. Changing or limiting the rights of the owner breaks WIPO treaties and expropriation of property without a legally valid court order, together with demands for money, amounts to kidnapping and extortion. In my case hundreds of businesses suffered a month long break into their DNS servers, which I had to replace with DNS domain registered elsewhere.

I will never make the same mistake of holding all my domains in one registrar.

Re:a company selling $2 domain names is shady!!!

[sp3d2orbit]

I varies for each type of top level domain. A .COM/.NET/.ORG is around $6.25 per year per domain + a .25 ICANN Fee. For other domains like .tv it can be as high as $50. Different bodies control different TLD's and they control the pricing for each.

Actual Hard Info

[Spazmania]

Since the article is heavy on claims and light on the basis for those claims, I thought I'd dig in to it a bit. Turned out to be a difficult. I couldn't find the registration agreement via Godaddy's web page. I had to search Google for it.

http://www.godaddy.com/gdshop/legal_agreements/sho w_doc.asp?se=+&pageid=REG_SA [godaddy.com]

Section 7 is the one that deals with spam. Here's what it says:

7. restriction of services; right of refusal

You agree not to use the services provided by Go Daddy, or to allow or enable others, to use the services provided by Go Daddy for the purposes of:

        * The transmission of unsolicited email (Spam).
        * Repetitive, high volume inquires into any of the services provided by Go Daddy (i.e. domain name availability, etc.).

If You are hosting Your domain's domain name servers ("DNS") on Go Daddy's servers, or are using our systems to forward a domain, URL, or otherwise to a system or site hosted elsewhere, or if You have your domain name registered with Go Daddy, You are responsible for ensuring that there is no excessive overloading on Go Daddy's DNS systems. You may not use Go Daddy's servers and Your domain as a source, intermediary, reply to address, or destination address for mail bombs, Internet packet flooding, packet corruption, or other abusive attack. Server hacking or other perpetration of security breaches is prohibited. You agree that Go Daddy reserves the right to deactivate Your domain name from its DNS system if Go Daddy deems it is the recipient of activities caused by your site that threaten the stability of its network.

You agree that Go Daddy, in its sole discretion and without liability to You, may refuse to accept the registration of any domain name. Go Daddy also may in its sole discretion and without liability to You delete the registration of any domain name during the first thirty (30) days after registration has taken place. Go Daddy may also cancel the registration of a domain name, after thirty (30) days, if that name is being used in association with spam or morally objectionable activities. Morally objectionable activities will include, but not be limited to: activities designed to defame, embarrass, harm, abuse, threaten, slander or harass third parties; activities prohibited by the laws of the United States and/or foreign territories in which You conduct business; activities designed to encourage unlawful behavior by others, such as hate crimes, terrorism and child pornography; activities that are tortious, vulgar, obscene, invasive of the privacy of a third party, racially, ethnically, or otherwise objectionable; activities designed to impersonate the identity of a third party; and activities designed to harm minors in any way. In the event Go Daddy refuses a registration or deletes an existing registration during the first thirty (30) days after registration, You will receive a refund of any fees paid to Go Daddy in connection with the registration either being canceled or refused. In the event Go Daddy deletes the registration of a domain name being used in association with spam or morally objectionable activities, no refund will be issued.

Okay, so there are some pretty nasty things in there. One thing I don't see is where they say they'll hold on to the name, refuse to let you transfer it or charge you an extra fee. In fact, they're quite specific: If you spam, they cancel the registration. Period.

I also read the supposed letter from godaddy at http://majordomo.ru/about/letter.htm [majordomo.ru] . Maybe its just me, but the letter smells false. That's not the careful legal language I would expect from a company Godaddy's size faced with this sort of situation. I'm not discounting the possibility that its real, but it smells false. If I saw that letter in my inbox, I'd suspect phishing.

Dreamhost

[robla]

Dreamhost [dreamhost.com] is only a dollar more per year, and includes privacy guard as a base-level feature (which costs $1/year on GoDaddy), so they're arguably the same price.

Rob

Re:good alternatives to GoDaddy?

[Electrum]

So who's a good, low-cost registrar with no relationship to GoDaddy?

http://www.domaincontender.com/ [domaincontender.com]

They are a rebranded directNIC [directnic.com] (one of the top ten domain registrars).

bluehost

[Travoltus]

And they respect the privacy of your information, too.

1 of 1399

[romantikc p. m.]

I'm the owner of one of those 1399 blocked domains. I assure you all the details in the original article are correct. I, my domain, e-mail, website and anything else owned by me has absolutely nothing to do with those 2 spam activities GoDaddy refers to. And I'm pretty sure the other 1398 domains has nothing to do with spam either.

For those who don't get it, I repeat: Majordomo is not "an underground spam network in the anarchist country". If you think this way, take your nose out of computer and travel the world, it's much different from what you think. Majordomo is a legal and respectable company (yes, it's reselling GoDaddy's services). On my part I'm an independent Mac shareware developer. Thanks Majordomo, now these domains are unblocked.

GoDaddy's actions look like, feel like, smell like, and in fact ARE real extortion. It's absolutely clear, this is one of their ways to earn money. This time they went too far, probably thinking that if Russia is far abroad, such actions won't be noticed. I would recommend to everyone never have any business with GoDaddy, and those who already use it as a registrar, switch immediately.

Did I get any response to my e-mail to GoDaddy? No. Did I get any excuses for their actions? No. Will I get a reimbursement for the loss of profits? No. Anyone who had the same problems with them, send a report at internic [internic.net] and FBI [fbi.gov] websites, and I hope that scum will be shutdown.