GoDaddy Holds Domains Hostage 389
saikou writes "There were previous reports of GoDaddy, one of the biggest domain name registrars, attacking Bittorrent sites with frivolous interpretation of their own Terms of Service (that story was resolved), and now similar events unfold with clients of one of Russian domain registrars Majordomo.ru -- GoDaddy has informed them that all 1399 client domains are now blocked (story in Russian) due to 'many of your domain names were
listed in the Spamhaus.org blacklist or were resolving to a name server
or IP address listed in the Spamhaus.org blacklist' with a demand of a neat '$199 non-refundable
administration fee to the credit card on file for your account for each
domain name you wish to reactivate' or $50 for each domain to be transferred out into another registrar.
I am all for fighting spam, but given how unreliable spam black-lists are such actions simply damage the internet. Instead of affecting people that use spam lists to control the inflow of mail to some degree, all users are effectively forced to be black-list clients.
Now all one needs to shut down a site is a few reports of spamming, and the domain (or even better, all domains of a given small registrar) will be suspended."
So Sad (Score:5, Interesting)
The thing is their prices are so great it's really hard to justify going someplace else. You can pay up to $35 a year at some of the boutique registrars.
Odd. (Score:3, Interesting)
GoDaddy did this to us, too! (Score:5, Interesting)
What was their excuse?
Someone outside of our organization had (for whatever unknown reason, as this is not our business) spammed using ONE of our domains as a the spoofed header-from domain. And yes, we publish SPF records. That wont stop idiots from trying.
Anyway, I personally spent close to one hour on the phone with their "abuse" people (ironic that they consider what we were doing abusive). I explained the situation over and over to no avail. We escalated to their lead "abuse" person. Same story. "Your domain was in a spam and we do not allow this"... When I would try to explain that it was not from us or on our behalf in any way, shape, or form -- we were curtly told "that's not what we've been told."
Now, I had also received the spam complaint. Their "abuse" ("abusive") people were going solely off what was written in this complaint itself. In ALL CAPS, the user cried bloody murder about "I DID NOT SIGN UP AND DO NOT WANT SPAMS FROM THESE PEOPLE"... GoDaddy did not lift one finger to actually investigate the situation and instead took the end users' word for it.
We had to get our lawyers involved. We had to fax them threatening letters. Finally, they so gracefully allowed us to tranfer our domains away from GoDaddy to another registrar for the very low highjacking fee of $50 per domain we were going to transfer.
Again -- this was not a spam from us, for us, or by us. It was a completely third party individual just randomly choosing our domain to spoof.
GoDaddy is a goddamn scam and I hope their company gets burnt someday. It would not surprise me if the spam was created by them for the specific purpose of looting their more deep-pocketed customers through these $50 "re-activation" fees. Month getting slow? Craft up another fake spam. Fuckers.
unreliable? (Score:3, Interesting)
The problems with false positives are really an externalized cost [wikipedia.org], which accrues largely to innocent and not-so-innocent third parties, since sometimes spam originates from IP addresses or domains where other legitimate traffic exits (innocently) but sometimes the owners of those domains are supporting the spam activity directly (not so innocently). Of course, some of the costs of blocked legitimate traffic accrue to the user of the spam list, but those folks are making a trade-off and pretty clearly feel the benefits to be worth the annoyances.
Regarding the central thesis that taking actions like these "damage the internet," may I suggest that in fact the odds of "damage" to anyone are probabaly quite low, assuming that the Registrar does proper due diligence before taking such actions. They should not take the mere presense on a blacklist as gospel, but should check the domains directly themselves.
I'm also amused at the likely effect of the "fee for restoration of service". Ticked-off innocent users will be unfairly charged, and are likely to complain very loudly. Such users will probably receive an apology from a help desk worker, and free restoration of service. Guilty users are financing their operation with stolen identity and credit cards and will probably just pay the fee using ill gotten booty. (Aaaarh, Matey! Make 'em swab the poop deck instead! [stanford.edu])
Too drastic measures (Score:2, Interesting)
Blocking ip's at registrar's layer for me is more preferable, but procedure of unlocking a domain is a bit frightening although. Mainly because of the response time.
And blocking so many domain names is unacceptable at all.
Re:Very dangerous precedent (Score:5, Interesting)
OK, your bills are payed. Now when people type A, A is resolved to IP B instead of C (a parking page)
It's the responsibility of law enforcement to enforce law. But, in your own argument, the site is hosted in an anarchistic country. We (and whatever country the registrar is based in) have NO BUSINESS imposing law or right/wrong on another sovergn country OR IT'S CITIZENS OR BUSINESSES. We can yell/scream/make noise/threaten as much as we want, but we cannot enforce our views on them.
Re:Extortion (Score:5, Interesting)
Godaddy's policies are terrible, they will do anything to make extra money.
Re:Very dangerous precedent (Score:3, Interesting)
You seem to have forgotten to indicate any reason why you would see this as acceptable.
I didn't forget -- I just thought it was obvious. For the benefit of the slow learners in the class, I'll repeat myself: Domain name registrars should not get into the content policing business. Today it's spam, which everybody agrees is terrible and should be stopped. Tomorrow it will be with some other type of disfavored content.
Why would you force registrars to act according to your will?
I see it the other way around -- the registrar is trying to force their will on me. GoDaddy is making a value judgement based on the content associated with the domain name. By disabling the name, they are removing my ability to access that content (yeah, sure, I could do it by IP address, but we have DNS for a reason).
Re:Very dangerous precedent (Score:4, Interesting)
I rather read that as GoDaddy imposing restrictions on the clients of another registrar. That hardly seems like behaviour we would wish to encourage.
Speaking of slipperly slopes, GoDaddy stand to make almost 300k from this stick up. I mean, it isn't as if this is going to solve anything, and it isn't as if GoDaddy are blocking them unconditionally. They're just saying "we want a slice of you're ill gotten gains or we drop all your packets.
The thing is, if we let this pass, that gives lots of registrars an incentive to start eforcing the law as they see it, and for material gain. That's going to encourage them to define ill-doing on the net loosely, since they get tp shake down more nets
Are you saying that the worst murderous mobsters can operate massive criminal enterprises on a website hosted in an anarchistic country and their registrar should be prevented from denying them service?
You're either trolling, or else you're taking way too much for granted here.
For example it's far from clear that murderous mobsters are involved, let along the worst sort (unless you define unsoilicited junk email as being identical to the unlawful taking of human life, that is). The criminality is open to question too since spamming is not (sadly) universally illegal.
And that's just the domains registered to MajorDomo.ru. GoDaddy are demanding money with manaces from all those domains. Unless Majordomo have some weird negative vetting process for thier clients, then the chances are that not all of them are crooks.
I can't see how GoDaddy have any ethical justification for their actions here, and I can't think of a single pargmatic reason why we should condone their behaviour
Simple solution (Score:5, Interesting)
They'll dispute the filing and keep pulling out parts of their license agreement to counter it. Dispute the agreement as being invalid. When all is said and done, you'll be out a few days of work, GoDaddy will have wasted a ton on lawyers.
(Disclaimer: I am not a lawyer, this is Slashdot, use common sense, this is not advice, you are feeling sleepy...sleepy...SLEEPY...you want to buy me a 50" HDTV.)
Re:GoDaddy did this to us, too! (Score:3, Interesting)
Glad I am not with godaddy. Otherwise I should delete those accounts.
Even worse if I had a popular domain name.
Would they block hotmail.com too, because they send so much spam?
Anecdote: Godaddy Has Impressed Me (Score:3, Interesting)
Now here's the Internet angle: A few months into the conflict, they started targeting our web hosts and domain registrars with unlawful DMCA notices and other underhanded legal tactics. We had been advised by one of our attorneys to go with Network Solutions instead of the smaller registrar we had been with since our domain's original creation; we chose to take the legal advice despite my grave misgivings. Predictably enough (given the myriad of horror stories about the company), Network Solutions locked down our domain on the basis of the opposition's lawsuit and refused to unlock it until the termination of legal proceedings. Plus, our domain was locked down while its DNS record pointed to a hosting company that also denied us service. It was terrifically devastating to effectively lose our domain and site for that period, as it had been our official domain since 1996. As for Godaddy, once our site got taken down indefinitely we transferred over to one of our secondary domains that was registered with Godaddy. Godaddy never took action against that domain - we never even got notice from them about the mater despite the fact the opposition obviously attempted the same maneuver against Godaddy that it used on NetSol. The only troubling thing about Godaddy's service was an automated message sent to us concerning an illegitimate challenge to our DNS contact information. Notably, the message claimed to give us only a few days to respond to the challenge before Godaddy would take action, which could have included registration deletion. We were able to take care of that issue with one phone call, and we were even given an unusually candid apology for the previous notice. Nonetheless, that experience was disconcerting. Despite that occurrence, Godaddy did not falter for us even in those adverse conditions, so I'll be staying with it unless and until it no longer merits my appreciation. (And for less important domains, I use the slightly cheaper 1and1.)
Spamhaus blacklisted Google GMail. :-( (Score:4, Interesting)
This is an automatically generated Delivery Status Notification
Delivery to the following recipient failed permanently:
xxxxxxx@frontiernet.net
Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 9): 554 Sorry, your mail server (py-out-1112.google.com[64.233.166.178]) is rejected using sbl-xbl.spamhaus.org. See http://postmaster.frontiernet.net/error.html#sbl-
----- Original message -----
Received: by 10.35.115.18 with SMTP id s18mr2328477pym;
Wed, 14 Jun 2006 21:52:32 -0700 (PDT)
Received: by 10.35.97.6 with HTTP; Wed, 14 Jun 2006 21:52:32 -0700 (PDT)
Message-ID:
Date: Thu, 15 Jun 2006 00:52:32 -0400
From: "John Wasser"
To: "xxxxxxx"
Subject: Re: printer setup repair
In-Reply-To:
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References:
Re:this is .... (Score:3, Interesting)
Re:Spamhaus blacklisted Google GMail. :-( (Score:3, Interesting)
The fact that it isn't listed NOW does not mean it wasn't listed THEN.
I have had spamhaus block email from yahoo too. It has been for me quite a conundrum deciding if the the false positives spamhaus gives outweigh the true spam it blocks. They do generally fix these within a couple hours, but it is really frustrating that during those couple hours, all email going to my mail server from yahoo is getting bounced because someone or something at spamhaus caught someone sending spam.
Re:This story is pure bull-crap. (Score:3, Interesting)
I included in the article link to black list of Google mail relays. Would you like your Google mail be blocked because someone claims that Google is a safe haven for spammers as it "either sent mail to our spam traps or we received reports from our members of spam"?
Oh, I forgot. You work for an ISP so you don't care. But it would be interesting to see your reaction if your whole subnet gets blocked because ISP on the adjacent net got flagged as "does not react to SPAM reports" and block list would escalate original listing to a bigger subnet. I am sure you have enough time and money to quickly move to another upstream provider in a blink of an eye. Or somehow magically clean up your particular subnet over typical "Oh, but you're too close to spammers, you must be spammer yourself!" battle cry.
This particular article was about GoDaddy relying on Spamhouse for deciding what accounts to block until $50/$199 fee is paid. There are tons of discussions about black list reliability and false positives. Primary difference with spam flagging/blocking is users chose to do it. But here someone else made the decision and demanded payment.
Would you like Google.com to suddenly disappear from the DNS because Spamhaus flagged some of their IPs as "sending spam"? I am sure you would.
Re:Very dangerous precedent (Score:2, Interesting)
If you've seen Bob on TV he comes off as likable and personable character. In person, he's a lot different. He's a pretty angry guy who rules by fear. I left GoDaddy for a better opportunity, but I did see a ton of people get let go for arbitrary reasons. We had something like a 300% turnover while I was there (not including the call center). I know that he has pissed enough people off that they take physical security very-very seriously for a relatively small outfit. I'm not talking about securing the servers, I mean a dozen guards (for two entrances), metal detectors, random bag and car inspections and a card entry system that makes it a challenge to just get to a bathroom.
Bob's a hard-core ultra-conservative Republican. Pro-Bush all the way. Do you remember the NBC(?) footage of the unarmed, incapcitated enemy combatants being shot at that mosque in Iraq a while back? Bob came right out and publicly praised the marines in his blog. He later toned down his language, but it is something to keep in mind when thinking about how GoDaddy justifies charging $199 to get back a $6.99 domain.
This all being said, I still purchase all my domains from GoDaddy. They are cheap and customer service is good -- but there is no way in hell that I would post this non A/C.
Re:a company selling $2 domain names is shady!!! (Score:1, Interesting)
This little episode reveals one of the ways they're making up the loss.
the problem isn't spamhaus (Score:3, Interesting)
Gaming what godaddy's doing to unjustly shut down a domain (or in this case, 1399 domains) is just too easy.
Imagine having a legitimate website and having it shut down because godaddy has shut down your domain service provider. There are probably several hundred Russians in that position right now.
Best registrar... (Score:4, Interesting)
$15 and no bullshit.
To me they are like the Google of registrars - "do no evil".
They even are based out of NOLA and had very little if any downtime during Katrina. You can read about it and see damage to their building here:
http://interdictor.livejournal.com/ [livejournal.com]
Re:GoDaddy did this to us, too! (Score:1, Interesting)
Re:a company selling $2 domain names is shady!!! (Score:2, Interesting)
Um, why? Seems to me they're telling you what they'll do, and then they go and do it. One assumes you agreed to the TOS and service contract, so, how, exactly is it evil? Bad business practice, yes, evil, no.
Re:Shows what you know (Score:3, Interesting)
As it happens, I'm a GoDaddy customer. I've also dealt with Network Solutions and MelbourneIT. GoDaddy stands head and shoulders above both of those big-name, big-rep registrars in terms of service, value for the money, and especially ethics. It wasn't GoDaddy who refused to give Panix their domain name back when it got jacked due to Melbourne's own sloppiness. GoDaddy doesn't send out fake "rewnewal" notices for domains owned by other registrars. And it certainly wasn't GoDaddy who tried to convince us SiteFinder was for our benefit. I'm not saying GoDaddy is a bunch of saints -- they're not, they're a bunch of businessmen -- but they're head and shoulders above the competition, ethics-wise.
They're also the only registrar I know of, and one of the damn few businesses of any type, where you can go yell at the big cheese personally. Bob Parsons and I have exchanged words a time or two via his blog. I suspect if I called up GoDaddy and wanted to talk to him, they'd put me through.
Oh, as to how they can sell domain names below cost: The actual offer is a domain for $1.99 when you buy a non-domain product, such as a hosting contract. They make money on that in exactly the way the Friendly's down the street from me is making money off a free ice cream sundae when you buy a chicken platter. Nothing shady about that, just a "buy a big thing, get a little thing cheap/free" deal like millions of other businesses offer every day. They make their money off of regular priced domain names (not much each, but their volume is incredible) and all of their other products and services, from software to hosting.
No, I don't work for GoDaddy, I'm just one of their customers. All the money flows from me to them, not the other way around. But I just got sick of all the speculation, insinuations, baseless assumptions, and general-purpose bashing from uninformed people who know nothing more about GoDaddy and its business practices than what they read in Slashdot comments.
I don't read Slashdot much anymore, and this kind of thing is one of the reasons why. Come on, guys, we're better than this. Or at least we used to be.
Re:Shows what you know (Score:3, Interesting)
But what amuses me about this is that you have the idea to berate people for attacking GoDaddy for this, on the grounds that "they're not as bad as other registrars", and that you defend the ethics of a company arbitrarily deciding that your domain is being used for nefarious purposes, /on the basis of/ one of their resellers having sold other domains which were used for nefarious purposes, and charging a $200 fee to allow you use of your own domain, regardless of whether or not you actually did something wrong. That's not even remotely ethical, and is not any more defendable because you could personally yell at Bob Parsons, or because it wasn't GoDaddy who decided to push unresolving domains to their service.