Slashdot Mirror

← Back to Stories (view on slashdot.org)

SpamHaus Behind .mail Top-Level Domain

Posted by CowboyNeal on from the better-mail-for-a-better-tomorrow dept.

securitas writes "The SpamHaus Project is the group pushing ICANN to create a new trusted-sender system and the .mail top-level domain. SpamHaus proposes that registrants under the .mail TLD would pay at least $2000 per year to and 'agree to abide by certain anti-spam mailing practices.' The interesting twist is that companies that comply with the US CAN-SPAM act - which SpamHaus opposed due to the legalization of bulk unsolicited commercial e-mail - would not be eligibile to register a .mail address. The .mail TLD proposal was recently discussed on Slashdot."

20 of 304 comments (clear)

  1. Maybe a Good Thing? by Liselle · · Score: 5, Insightful
    I never get to be the one who says "but wait, this is a GOOD thing", so I'll toss it out there now, flamebait be darned.

    The interesting twist is that companies that comply with the US CAN-SPAM act - which SpamHaus opposed due to the legalization of bulk unsolicited commercial e-mail - would not be eligibile to register a .mail address.
    This could probably be worded a little more clearly. Complying with the CAN-SPAM act is as easy as not doing anything at all. I think what the submitter means, correct me if I'm wrong, is the "one-shot" bulk mail that a company is allowed to send you under CAN-SPAM. Obviously, SpamHaus considers this spam, still, even though it's technically legal (I would tend to agree).

    This new TLD proposal, according to their FAQ, is not aimed at stopping spam, or replacing the email infrastructure from the ground up. It's more towards legitimizing non-spam email. It may not be technically possible (not my area of expertise, I remember some nay-sayers in the last article discussion who at least sounded like they knew what they were talking about), but I still think their hearts are in the right place. Am I wrong?

    I'm looking forward to the whitepaper they've promised on it.
    --
    Auto-reply to ACs: "Truly, you have a dizzying intellect."
    1. Re:Maybe a Good Thing? by Anonymous Coward · · Score: 4, Insightful

      Not good. We can't trust to filter our mail based on some fixed definition of "spam". I want to choose *my* definition, or choose whose definition I want to use (people can publish black lists and I can choose the black list I want to use).

    2. Re:Maybe a Good Thing? by SillyNickName4me · · Score: 5, Insightful

      When big isps only accept mail from servers registered in the .mail tld, then that takes away my ability to run my own mailserver for my own private domains. How do you mean nothing is taken away from the end user.

  2. Correction by rgmoore · · Score: 4, Insightful
    .' The interesting twist is that companies that comply with the US CAN-SPAM act - which SpamHaus opposed due to the legalization of bulk unsolicited commercial e-mail - would not be eligibile to register a .mail address.

    That's not quite correct. The SpamHaus rules wouldn't ban anyone who obeyed the CAN-SPAM act. Presumably most ordinary companies obey CAN-SPAM by refusing to do anything that vaguely resembles spamming, and they'd be just fine under the SpamHaus rules. What SpamHaus wants to do is to use a stricter definition of what constitutes spam, so that some senders who meet the terms of CAN-SPAM still wouldn't qualify.

    --

    There's no point in questioning authority if you aren't going to listen to the answers.

  3. Goodby home mail server by HaeMaker · · Score: 4, Interesting

    This is bad, as I host my own domain and send mail from it. I don't want to have to pay someone to host my mail server, and you know that plenty of ISPs will block mail that doesn't come from a .mail domain.

    I certainly can't pay $2000 a year.

    1. Re:Goodby home mail server by Anonymous Coward · · Score: 5, Insightful

      I certainly can't pay $2000 a year.

      Nor can a lot of people, which is why this propsal will never work.

    2. Re:Goodby home mail server by technomancerX · · Score: 4, Insightful

      Heh one domain? You're lucky. I host 5 and handle email for all of them. I REALLY can't afford $10,000 just to provide my family with email addresses. This entire proposal is insane.

      --
      .technomancer
    3. Re:Goodby home mail server by dioxide · · Score: 4, Insightful

      Only the smtp server needs to have a .mail domain, right? You can host an indefinite ammount of domains for email on one server, I don't see any reason why you would need a .mail domain for every email domain.

    4. Re:Goodby home mail server by mdfst13 · · Score: 4, Interesting

      I used to administer a mail server that had 40,000 users give or take (IMAP only, not web). The hardware cost about $200,000. I wouldn't be surprised to find out that the support contract was $2000 a year.

      Yahoo/Hotmail both have far more users than that. $2000 is not going to be a big deal for them (for example, with 2 million users, it would be a tenth of a penny per person). I'm sure that they are already spending far more than that on hardware, software, and administration.

  4. Just cut to the chase by siliconbunny · · Score: 5, Funny

    Set up a .spam level, and we can block everything from that if we want.

  5. So basically, this is a $2000 whitelist. by Bombcar · · Score: 5, Interesting

    Because the cost of entry is high, and perhaps policed, it basically becomes a way of saying, "It's from a .mail domain, so it must NOT be spam."

    Whatever. Just like many whitelist methods, it has the standard flaws.

    But I guess it couldn't hurt! Companies with the big bucks or with donors (I'm thinking Samba mailing lists, etc), could afford it.

    The rest of us slobs would continue to crawl around in the .com, .net, .org, and .dust domains.

    As an aside, could you have the same problem with this domain as with AOL's spam filtering, i.e., false reports? What are the punishments for violating the rules of the .mail domain? Death?

    --
    Fellowship 9/11
  6. not great! by Roger+Keith+Barrett · · Score: 4, Insightful

    This is just great... create a two-tiered system with "trusted" and "untrusted" e-mail servers. Guess who will own the "trusted" servers... corporations who can afford to pay the fee!

    I would like the ability to run my own servers and web sites as an individual, please. We don't need ANY system of top level domains that favor corporations over non-corporations. Find another way around the problem, please.

    --

    Why don't you embrace your slashbotness instead of living in a dreamworld?
  7. $2000 is the upper limit by alanw · · Score: 4, Informative
    In this posting to news:news.admin.net-abuse.email Steve Linford of Spamhaus says:
    the $2000 quoted in the application is the highest estimate, given at the deadline because ICANN rules don't allow you to increase a price later
    and in this posting he says
    (we'd prefer it in the region of $250)
  8. What we really need... by ackthpt · · Score: 4, Funny
    What we really need is a .spam tld. All mass emailers not using .spam must have testicle or nipple placed in a vice and slowly tightened until...

    Oh, wait, that's the divorce tactic.

    What the heck, it'd probably work for spammers, too.

    --

    A feeling of having made the same mistake before: Deja Foobar
  9. why new TLD for paid reputation service? by jdunlevy · · Score: 4, Insightful

    Why not just create a paid whitelist (or lists) along the same lines as a dnsbl, charge companies to register and require that they abide by certain practices for being listed? What does a new TLD add other than additional ICANN bureaucracy?

  10. Yeah But... by aduzik · · Score: 5, Insightful
    Spammers are a crafty bunch. They've defeated just about every mechnaism for preventing unauthorized mail server use/relaying/etc. How long until they find a way to get their own .mail server? And also, I would venture to say that most legitimate orgs -- small businesses, personal web site owners, and non-profit organizations in particular -- will not want to, nor be able to shell out two grand for YAD (yet another domain).

    I think recent innovations -- SPF being my favorite so far -- offer a lot more promise than a new TLD. But that's just me :-)

    --
    If it's not one thing it's your mother.
  11. Goodbye semi-professional mail server by fearlezz · · Score: 4, Insightful

    I have a server of my own, hosting my personal site, some sites for family and for a few charity organisations. Total income for hosting: $0. If I would need to buy another domain like this, just to be able to send mail, my costs will triple.

    I cannot afford this. Meaning I will have to close all sites.

    .mail is NOT an option if it costs more than $5!!!

    Personally, I think SPF is the best solution so far. It may not stop spam, but at least it stops forging headers, like the headers of 99,9% of spam in my inbox are.

    --
    .sig: No such file or directory
  12. $2000/year would ruin free email by TheChucklesStart · · Score: 5, Insightful

    Do you think that Yahoo! or Microsoft's Hotmail would pay that $2,000 just so people could send email from them. Would smaller free e-mail companies even be able to afford it?

    Even if those free email places did pay for a .mail domain, would that stop spam? How much spam do you get already that comes from Yahoo! or Hotmail or some other free email survice.

    This would either get rid of free email or let spam live, both while closing down the small free email services. I don't like either option, we should do something else.

  13. So eventually... by .@. · · Score: 4, Insightful

    the only email that'll make it past everyone's spamfilters would be that from MXes in the .mail TLD. ...and those of us who can't shell out $2k/year just to have our private domain in .mail are just screwed.

    Brilliant idea. While we're at it, why don't we just let ICANN authoritatively say who can and can't send mail, and be done with it? It's not like their board is captured or anything.

    --
    .@.
  14. I don't see the point... by eaolson · · Score: 4, Insightful

    I'm just not getting how this proposal would do much. I read through the text of the proposal, which is written in fairly obtuse language I just couldn't quite plod through right now.

    • OK, so we'll have this .mail TLD. Since any domain name just resolves to an IP address, this proposal would just boil down to keeping a list of trusted IP addresses. In other words, a list of trusted mailservers, which can easily be done with what exists now.
    • What happens when spam originates from a .mail address? Because it will, if only from a virus-compromised machine. It seems the only recourse would be the revocation of the .mail domain.
    • And if so, what is to stop a spammer from signing up, sending off a one-shot spam run, and losing the domain? It will just raise the cost of each spam run by the cost of registering the .mail domain. That certainly might *help* reduce spam, but it depends on the amount of spam they could send through before losing the domain.
    • I assume each ISP will have a .mail domain of the sort isp.com.mail, and their customer's email will be routed through it. So what happens when a customer of an ISP decides to spam? Will this committee be tasked with determining whether the ISP terminates their spamming customer within an "acceptable" timeframe?
    • It is already known that there are a number of less-than-entirely-responsible ISPs and even some that are explicitly spam-friendly. For a sufficiently large organization, they could afford to go through .mail domains at a fairly high rate.
    • The cost also seems to be a problem. It seems that this proposal can ONLY work if the cost of the .mail domain is fairly high. It seems that the cost will probably be somewhere between $200 and $2000. This seems prohibitive for individuals, non-profits, and third-world orgs.