Slashdot Mirror
GoDaddy Holds Domains Hostage
saikou writes "There were previous reports of GoDaddy, one of the biggest domain name registrars, attacking Bittorrent sites with frivolous interpretation of their own Terms of Service (that story was resolved), and now similar events unfold with clients of one of Russian domain registrars Majordomo.ru -- GoDaddy has informed them that all 1399 client domains are now blocked (story in Russian) due to 'many of your domain names were
listed in the Spamhaus.org blacklist or were resolving to a name server
or IP address listed in the Spamhaus.org blacklist' with a demand of a neat '$199 non-refundable
administration fee to the credit card on file for your account for each
domain name you wish to reactivate' or $50 for each domain to be transferred out into another registrar.
I am all for fighting spam, but given how unreliable spam black-lists are such actions simply damage the internet. Instead of affecting people that use spam lists to control the inflow of mail to some degree, all users are effectively forced to be black-list clients.
Now all one needs to shut down a site is a few reports of spamming, and the domain (or even better, all domains of a given small registrar) will be suspended."
Once we allow domain registrars to become the Spam Police, very soon there will be political pressure for them to become the Content Police. It starts with spam and kiddie pron -- content that 99.999% of the world agrees is wrong. I guarantee it won't stop there.
The key sequence to access my Slashdot bookmark in Firefox is Alt-B-S. I don't believe this is a coincidence.
How is this little more then extortion? They have a thinly veiled reason, but let's say the spammers pay up. Their domain is re-activated. What then? How does that stop them from being spammers? This is just GoDaddy grabbing people willy nilly and forcing them to pay for fees they've already paid for.
But good for GoDaddy. Spam is one of the scourges of the net and anyone who spams doesn't deserve to be on it.
Besides, check out Spamhaus, it takes a lot more then a "few reports of spamming" to end up on their list. It takes solid evidence that you're a large-scale spammer or provide spam support services (such as bulletproof hosting)
People Talking in Movie shows.. people smoking in bed.. people voting republican.. GIVE THEM A BOOT TO THE HEAD!
The most fucked-up thing about this story is not the blocking of 1399(!) domains, but the fact that fact they CAN be reactivated, if only you pay 199$(!!) for "administration fees". This is not about policing the internet, it's about squeezing more money out of their customers. If this guy pays up, what prevents them from doing the same shit all over again 2 years from now? Hell, I'd like to know what their legal justification is now. Correct me if I'm wrong, but unless they are are hosting the stuff, they have no liabliity here, do they? Huh. I wonder if this can be used as an admissin on their end of being liable for content and actions of domains registered under them? Talk about watching an avalanche begin....
"can't run, can't hide...oh well, return 0"
a company selling $2 domain names is shady!!!
Whats next, are you going to tell me that used car dealers can be less than fully honest? SAY IT AINT SO!
Why? How complex do you think hosting a name <-> IP table is, especially when the basic, long-proven infrastructure costs are spread across tens of millions of domains.
Network Solutions, the other end of the cost scale, has hardly been a model of good registrar behaviour. In fact most people consider them the scummiest, shadiest of the group.
The fact that they're saying "Just give us a little money and these complaints will disappear" makes the whole thing even shadier.
I don't know about the yacht in international waters, but I agree that Spamhaus wreaks havoc on organizations that have done nothing wrong. Our organization has been black listed before too, and it was in error. It finally got cleared up, but it is still damaging.
We stopped using RBL's a long time ago, and have swtiched to something called Securence http://www.securence.com/. It has been much more reliable than RBL's, and keeps the junk from ever getting to our server in the first place. I haven't had a complaint about a false positive since we switched, and it blocks over 100,000 spam/viruses/phishing attempts a day.
I struggled for days and days and all I got was this lousy sig.
That's a shame. I've got a lot of domains with godaddy.com but am testing out other registrars and will be migrating more away. It's not just these sorts of reports, but also their switch to Microsoft IIS for parked domains that bothers me some.
The sad thing is that this sort of thing on their part really won't hurt all that much. How much money would they have made on each of your domains for the next *10* years? $30? I'm basing this on $3 profit ($9 - $6 wholesale cost - maybe it's different for them?) By forcing you to leave they've almost doubled that, and they don't have any work to do to service you for the next 10 years either!
If they could simply extract $50 from every single domain-name-only customer to transfer away they would be *far* more profitable than they are now because there'd be less overhead and work to do.
creation science book
I hate all these idiot blackhole lists.
One list complained my machine was using the wrong version of sendmail for their taste. Not one bit of spam came from the machine - but they listed it simply because I had an old version of sendmail.
Since then I have considered all these lists to be unregulated vigilantes.
Speaking with other people - they also found themselves listed on various BHLs over trite and stupid shit.
With all the zombie computers out these days, BHLs are weapons of the last war anyhow.
This "evidence" appears to be fabricated. The IP address 64.233.166.178 is in fact not listed on Spamhaus at all:
or see the web lookup query at spamhaus.org.
Here, try this neat ICANN Registrar Complaint form. I can't say whether it's useful or not, but it couldn't hurt to fill it out.
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
That being said, I'm also on the other end currently. One of the domains I'm hosting has the word "ebay" within the domain name. I never even realized this. The domain name is also a legal, currently registered and operating corporation within the US. It's been in business more than two years. Its line of business has nothing to do with spam, it deals with supplying certain metal goods to large distributors and large end users within the US and elsewhere. It's the type of business where you confirm the customer is a large end user or distributor, and upon doing this, you don't have a problem sending them several thousand dollars in samples, hoping they'll place blanket orders for years into the future. Without having the knowledge on running a mail server, and currently without the resources for a secondary dns on another ip block, it was decided that GoDaddy would be the host for the mail server for the domain.
A few test emails from the business domain, with an email address that is obviously business related (sales@legitdomain, a few others), everything went through without a problem, great. Add email address to invoices, statements, shipping documents, product packaging, start using to communicate with new customers, suddenly a problem. Turns out if the email contains a couple of email addresses within the body, or if the email contains a couple of urls with certain keywords (keywords normally related to some of the customers' business lines), more than two urls, a combination of an email address and a url, and the emails would be rejected. GoDaddy's smtp server wouldn't accept the email for sending. Not that it would bounce, it would outright reject the email.
Trying to get GoDaddy's tech department just to understand what was going on was difficult. Forward the bounce message. There is no bounce message, the smtp server is outright refusing to accept the email as it is being sent. Send the error message of your email client. Email client is KMail. Here's the instructions for Outlook. Email client is KMail. Here's the instructions for Mozilla mail. Email client is KMail. Here's a screenshot of the popup error message you requested. You're using a non-standard email client. Here's the instructions for outlook. Please send me responses in plain text instead of html. Sorry, our email is sent in html. Please don't send me instructions in
That's just the first few attempts to get the email working. Next, we received every excuse known to man for why mail was being blocked. Your domain is blacklisted by the RBLs. No its not. Your domain is blacklisted by Spamhaus. No, its not. Your ip is listed in Spamhaus. No its not. Your ip block is listed in Spamhaus. No, its not. The email domain you are sending your email to is listed in Spamhaus. Are you serious?
Actual email trouble ticket response:
I would say that you've never had the pleasure of having to deal with being blacklisted by an unreasonable asshole.
I host my own mail and that of a friend. My friend was getting messages back from a couple of servers indicating that delivery of his mail was being denied because his (i.e. my) server was on the Abusive Hosts Blocking List (AHBL). Now, given that I have a very locked-down and tested qmail install and I'm providing valid SPF records from my DNS, I was a little perplexed. I got in touch with AHBL and was told that my entire IP range was on their blacklist simply because they had a beef with a particular spammer that operated from Time-Warner's network. I pointed out that this was a problem that concerned a completely different geographical area in TW's IP range, and that my IP was a static address within TW's business-class ranges. They basically said they didn't care, as my IP address belonged to TW, not to me, and because of that they absolutely were not going to unblock my IP address. It seems to me they consider their little infantile vigilante crusade against TW to be more important than anything else, even when it's pointed out to them that they are recommending the blocking of legitimate servers.
Spam is certainly an annoyance to me (close to 1K every day), but I can't afford the possibility of losing valid e-mail because some idiot spam list admin has some kind of ideological problem with an ISP, so I don't use blacklists. I can't say that Spamhaus is any better or worse, but as far as I'm concerned, the staff at the AHBL (and Andrew Kirch in particular) can go fuck themselves with a large, jagged, rough-surfaced object.
Please stand clear of the doors, por favor mantenganse alejado de las puertas
Honestly, I'm all for the use of online marketing that allows you to, and respects your right to, opt-out.
I have no problem with online marketing, but I have a problem whenever it is not opt-in (with a decent check on if you indeed tried to opt-in)
There is no reason why people should fill my mailbox and use the bandwidth I pay for to tell me something I don't want to hear to begin with. Now, if they were paying for it themselves exclusively this might change, but for now I pay for the bandwidth usage of my mail server.
which begs the question---How tough is it to set up a registrar that ICANN will recognize?
My experiences with godaddy suggest it's one of the more evil registrars. If you let your domain lapse, they'll usurp it and auction it off to the highest bidder. (And just because your TOS has a clause allowing you to do so doesn't make you not-evil..)
-os
This isn't the equivalent of a property owner evicting a tenant for drug violations, this is the equivalent of a property owner evicting every tenant in one of his buildings because one tenant is dealing drugs.
Tech Public Policy stuff
AUP Enforcement is the RIGHT way to eliminate spammers. I have also worked at a large ISP, and this is one of the best ways to fight spammers. Keep making it costly and more trouble for them than it is worth. Spamhaus is far and above the most reliable RBL in the world today and does more to help in the fight against spam than any other organization I know of. They are VERY reliable in only listing sites and domains with proper justification, and even more important deal with proper cleanup and removal of listings that have been remediated in a timely fashion. The reason you hear all the complaints about RBL's is because they are so effective. Yes, there is the occasional person that gets burnt because of their space being adjacent to spammers, but this also helps ISP's keep pressure on their clients to stay clean to prevent such over blockage. I'm personally familiar with one client of a large ISP that had a hard time kicking a known spammer off of their network due to a long pre-existing contractual obligation, that was able to finally disco them due to Go-Daddy's listing and blocking of dozens of their domains last year. Great job Go-Daddy! Keep it up, us regular users love to see you support your AUP!
This is exactly why I explicitly ignore the SORBS SpamTrap RBL. All it takes is ONE "spam" message EVER to be listed FOREVER. It doesn't even have to be spam; any message to one of their fly traps is all it takes. (they are such asses about it, too.) And they LIE about the process to get delisted -- "oh, nobody pays that 'donation' anymore..."
Basically, SORBS is pissed at gmail because they don't do any outbound anti-spam inspection. (distributed sender database thing. I'd have to dig through my email to find exactly what they insist everyone run.)