[policy] When Tech Meets Policy...

Chris L. Morrow christopher.morrow at verizonbusiness.com
Wed Aug 15 06:00:20 UTC 2007

On Wed, 15 Aug 2007, Paul Ferguson wrote:

> Hash: SHA1
> - -- "Chris L. Morrow" <christopher.morrow at verizonbusiness.com> wrote:
> >On Tue, 14 Aug 2007, Douglas Otis wrote:
> >
> >> That point forward, spammers would be less able to take advantage
> >> of domains in flux, and policy schemes would be far less perilous for
> >
> >are spammers really doing this? do they mine the domain system for changes
> >and utilze those for their purposes? I ask because i don't see that in my
> >data, which is small admittedly... I see lots of existing well known
> >domains in the 'from'. Unless you have some data showing otherwise (or
> >someone else has data to share) I think this is a specious arguement.
> >
> More than ~85% of all spam is being generated by spambots.

yes, that relates to my question how though? I asked: "Do spammers monitor
the domain system in order to spam from the domains in flux as tastinng
domains?" I asked this specifically because that behavior was being used
as a 'resaon to stop tasting', or to clamp down on it atleast.

> Spammers are gaming the domain registry system, not for MX record
> manipulation, but to install their own nameservers on compromised
> hosts, round-robin and fast-flux their ability to avoid detection,
> and inevitably hide behind various layers of obfuscation.

Sure, they are being bad, they are doing what akamai does (or other CDNs)
only for illegal end reasons... That's not relevant to my question, but I
agree it's a dirty trick stil.

> They are manipulating both the (legitimate) process of obtaining
> IP addresses, registering domain names (and all the cruft that
> it brings along with it, given the loopholes in the processes),
> and manipulating the ability to move their nameservers around
> at-will.

That's not a manipulation so much as using the system as designed.

> It's pretty much a mess -- these guys use the system to succeed.

agreed, they are a mess (spammers and their current business)

> Honestly, I don't have any answers -- only questions at this
> point. :-/

me too, I just don't want to see the issue sidetracked on:

1) spammers using tasting to their benefit
2) phishers are tasters/use tasting to their benefit

neither of which is, near as I can tell, true or real fears. Tasting is,
in and of itself, a completely different problem with a completely
different set of issues... Conflating the 3 (or parts of the 2 sets) is
just as wrong as saying that 'tasting lets the terrorists win'.


More information about the NANOG mailing list