September 19, 2008
I've been in touch with Greg Aaron from Afilias regarding my recent gripe complaining about the poor quality of address vetting at various registrars, with Afilias singled out for particular abuse. He's asked me to post the following, which outlines what Afilias is actually doing to fight domain abuse.
Allow me to tell you some of the things we've been doing at Afilias. Far from doing nothing as you stated, we actually have one of the most innovative registry anti-abuse programs around.
This year so far, Afilias has been responsible for proactively getting more than 80,000 .info domains suspended for spam and related WHOIS accuracy violations. And it's working. For example, the number of .info domains on the Outblaze blacklist (ob.surbl.org) has dropped 85% over the last few months due to those suspensions, and .info's ranking on URIBL has dropped also. Interestingly, the domain you used as an example (IDOWEDDINGBOOK.INFO) is not on the URIBL or SURBL spam blacklists. If they missed it, I don't feel so bad.
In addition to the spam domains, we've actively rooted out and dealt with significant numbers of phishing, malware distribution, and fast-flux domains. Spam and these abuses are often related, and so we've been making contributions to the community to help deal with them. Examples include my work on the Anti-Phishing Working Group (such as this important white paper), work on ICANN's Fast-Flux Working Group, and our CTO's work on ICANN's Security and Stability Committee. Also FYI, check out the new .info anti-abuse policy that Afilias sent through the ICANN process this summer. We thought it important to make our position on domain name abuses clear for all.
Afilias' general approach is to work with the registrars cooperatively on domain take-downs, for several reasons:
- The registrants are the registrars' customers, and they have the direct relationship. The registrars have responsibility for the registrants, and have contractual terms of service that are suited to dealing with abuse.
- Once they are informed of a potential problem, the registrars usually have more data to go on than the registry does. The registrars are taking the credit card information, they can see what domains their registrants have registered in other TLDs, and they know what domains belong to which of their resellers. Those are important clues to fraud and abuse, and registries such as us have no visibility into those things.
- Our anti-abuse reporting to the registrars almost always leads to positive actions. Most registrars want to know about problem registrants, and prefer not to keep them as customers. The positive result is that the registrars suspend domains and sometimes entire registrant portfolios. Registrars have told me that our reporting has also led them to drop abuse-prone resellers.
It is sometimes frustrating that the process takes time, but diligence is important. For example, I see a lot of inadvertently incorrect WHOIS records. No one wants to turn off someone's domain by mistake.
So it's unrealistic to expect anyone to catch and address every batch of problem domains, and we can't guarantee we will. But Afilias is always happy to receive well-sourced, documented tips to go on. I contacted AB Domains about the IDOWEDDINGBOOK.INFO case, and I will let you know how it turns out. Thanks, and I look forward to keeping in touch with you.
With best wishes,
Director, Domain Security
I'll have more commentary and a response soon.
Posted by schampeo at September 19, 2008 2:03 PM
TrackBack URL for this entry: