US Web Firm Described As "Phantom Registrar" Haven
snydeq writes "InfoWorld's Martin Heller directs attention to ongoing investigations of more than 40 phantom registrars linked to The Directi Group, including PDR, one of the 10 worst offenders on the Net. According to KnujOn, an additional 19,000 domains advertised through spam have been hiding their ownership behind PrivacyProtect.org, which The Washington Post has outed as Directi-owned. Directi claims it suspends illicit domains, but KnujOn provides documentation suggesting that Directi reports the registrars suspended and then reinstates them at another IP address. 'There has been some outcry about all this from the ICANN At-Large Committee, but as of this writing there has been no response from ICANN's Tim Cole,' Heller writes. 'Perhaps that has something to do with the fact that LogicBoxes, a Directi-owned registrar, has sponsored ICANN meetings in L.A. and Delhi.' Directi has since issued an official response to the allegations."
Al Capone was prosecuted and imprisoned because he failed to pay his taxes. Use the same tactic on spammers. Subpoena the customer list of these registrars under conspiracy to avoid taxation. Then audit the taxes of all the domain owners.
These types of registrars and domain owners will no longer have a viable business if the expense of avoiding the government is too high. This would also be a useful method of giving lawyers something to do and stop bothering us normal people (with NewYorkCountryLawyer as an exception of course).
Every man's island needs an ocean; choose your ocean carefully.
I've been doing some digging into this over the last few months and noticed an awful lot of spamvertized sites seem to have their domains registered with such privacy protecting registrars.
I've been thinking about how to use the fact that a domain is registered with such a registrar as part of a spam scoring metric and whether anyone else has already done work on this? Just on the mail passing through my systems, I'm seeing a very strong correlation between a mail being spam and it referring to a domain registered with such a registrar, with the domain nameservers being on dynamic IP space, and with the DNS for the spam domain having a very low TTL value set.
It's also interesting to track back the nameservers for any domains referred to in the NS records of the spam domain. By doing so I can find fairly large networks of interrelated spam domains and spam websites, the addresses of many of which already appear on the likes of the Spamcop and Spamhaus SBL/XBL lists or appear there shortly afterwards.
The point is, is it practical to use this sort of information against spammers and is anyone already doing it?
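A sketch of the scoring and nameserver-tracing idea raised in the comment above, added here as an example and not part of the original post. The weights, the TTL cut-off, the "dynamic" network list and all domain and nameserver records are constructed assumptions; real use would fill them from WHOIS and DNS lookups.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: documentation IP ranges and .example names only.
DYNAMIC_NETS = [ipaddress.ip_network("203.0.113.0/24")]  # assumed dynamic pool
LOW_TTL = 300  # seconds; assumed cut-off for "very low"
RECORDS = {  # domain -> privacy-registered?, record TTL, {nameserver: IP}
    "pills.example": {"privacy": True, "ttl": 120, "ns": {"ns1.fast.example": "203.0.113.7"}},
    "watches.example": {"privacy": True, "ttl": 60, "ns": {"ns1.fast.example": "203.0.113.7", "ns2.flux.example": "203.0.113.90"}},
    "loans.example": {"privacy": True, "ttl": 180, "ns": {"ns2.flux.example": "203.0.113.90"}},
    "blog.example": {"privacy": True, "ttl": 86400, "ns": {"ns.hoster.example": "198.51.100.10"}},
    "shop.example": {"privacy": False, "ttl": 3600, "ns": {"ns.hoster.example": "198.51.100.10"}},
}

def is_dynamic(ip):
    return any(ipaddress.ip_address(ip) in net for net in DYNAMIC_NETS)

def score(rec):
    """Add up the three signals from the comment; the weights are illustrative."""
    points = 1 if rec["privacy"] else 0  # weak alone: legitimate owners use privacy too
    points += 2 if any(is_dynamic(ip) for ip in rec["ns"].values()) else 0
    points += 2 if rec["ttl"] <= LOW_TTL else 0
    return points

def clusters(records):
    """Group domains linked, directly or transitively, by a shared nameserver."""
    by_ns = defaultdict(set)
    for dom, rec in records.items():
        for ns in rec["ns"]:
            by_ns[ns].add(dom)
    seen, groups = set(), []
    for start in records:
        if start in seen:
            continue
        group, stack = {start}, [start]
        while stack:
            for ns in records[stack.pop()]["ns"]:
                new = by_ns[ns] - group
                group |= new
                stack.extend(new)
        seen |= group
        groups.append(group)
    return groups

def suspicious_clusters(records, threshold=4):
    """Clusters with at least one member scoring at or above the threshold."""
    return [g for g in clusters(records) if any(score(records[d]) >= threshold for d in g)]
```

In this sample, `blog.example` uses a privacy registrar but scores only 1, so the privacy signal on its own does not flag it; the three domains chained through `ns1.fast.example` and `ns2.flux.example` come back as one cluster.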