Latest news of the domain name industry

Recent Posts

Vixie declares war on domain name crooks

Kevin Murphy, July 30, 2010, 18:53:35 (UTC), Domain Tech

Bad news for domain name speculators?

Paul Vixie of the Internet Systems Consortium has plans to bring the equivalent of an anti-spam blacklist to the DNS itself.

The Response Policy Zones spec, drafted by Vixie and Vernon Schryver of Rhyolite, is designed to allow ISPs, for example, to block domains based on standardized reputation data.

In this blog post, Vixie writes that the next version of BIND will include the technology. ISC has also made patches available for those who want to test RPZ now.

This kind of technology has been available for mail servers for years, and can be found to an extent in desktop software and search engines, but RPZ would bake it into the DNS itself.

For users behind a recursive name server implementing RPZ, domains with bad reputations would either not resolve or would be redirected elsewhere.

It would not, however, provide a mechanism to wildcard non-existent domain data and bounce surfers to search/advertising pages. Many ISPs already do that anyway.

If you speculate at all in domain names, the opening paragraphs are probably the most interesting part of the post (my emphasis):

Most new domain names are malicious.

I am stunned by the simplicity and truth of that observation. Every day lots of new names are added to the global DNS, and most of them belong to scammers, spammers, e-criminals, and speculators.

I’m sure there’s a fair few law-abiding speculators reading this who won’t be happy being lumped in with criminals and spammers.

Luckily for them, Vixie said that the ISC will limit itself to providing the technology and the specification; it will not act as a reputation service provider.

The ISC is the Microsoft of the DNS, BIND its Windows, so we could expect a fairly broad level of adoption when the technology becomes available.

Vixie’s post, also published at CircleID, is well worth a read. If anything, it certainly goes a way to cement Vixie’s reputation as the grumpy old man of the DNS.

Tagged: , , , , , ,

Comments (5)

  1. Nic says:

    Thanks Kevin. Good analysis. I saw the CircleID post and didn’t quite know quite what to make of it.

  2. Michele says:

    Vixie’s claim about “most domains” being “malicious” is exaggerated to put it mildly

  3. paul vixie says:

    i’m sorry to cause you guys any concern. while i do personally think that every domain should add value for both registrant *and* the end-user, i should probably have used a word other than “malicious” if i was going to include speculators in the referent. i do not anticipate that anyone anywhere feels that domainers are a danger or that your domains are worth paying some reputation provider for a feed that blocks them.

    you guys are safe, don’t worry about RPZ too much. my only caution, since i have your attention on the matter, is that if your domain parking systems are hacked and abused, then the domains where malware can be propagated might be in danger of getting listed in various reputation systems. but i know full well that malware is not the goal of the domainer industry and that you guys hate it as much as i do.

  4. Bryan says:

    Death of the Internet, film at 11:00.

    I strongly disagree, most domains registered en mass and for a short period of time – domain tasting and similar – are used for malicious purposes.

    Just look at all transient domains registered by the snow shoe spammers who change the PTR records for all their thousands of IP addresses on a daily basis. Look at all the temporary domains registered by malware authors.

    The proliferation – by the millions – of domains used for evil intent must stop.

    If you do domain tasting for the purpose of click hits, then those domains probably should not be listed in the RPZ.

    I think I see where Paul Vixie is headed, and it does not affect you unless you are using the domains as spam and malware sites.

    No serious network operator will use RPZ in a manner other than to benefit their customers.

    In any event, it comes down to my net, my rules.

Add Your Comment