godaddy spam / abuse suspensions?

James Hess mysidia at
Sun Nov 16 22:50:27 UTC 2008

It's also not effective in various situations.
The bad behavior is not disabling abused domains, it's the method used to do it
(by giving no answer instead of actively giving a negative answer).

When a http client asks  recursive resolver A  for an A RR, and no
response is received,
the client will then  go to  recursive resolver B  and make the very
same query again,
and possibly on to recursive resolver C.

One of the secondary/tertiary recursive resolvers may hand the client
a cached response that had been obtained before the registrar took any
If instead recursive resolver A  returned a NXDOMAIN,  that would be
the end of it,
no new queries,  the answer has returned  name does not exist.

The impact of the additional queries can be significant as well.


On Sun, Nov 16, 2008 at 4:38 PM, Andrew Fried <andrew.fried at> wrote:
> Chances are if the domain has been sandboxed, it was because it was
> involved in some kind of phishing scheme, not spam.  This is the
> typicaly way of mitigating fast flux botnets.  So I don't agree with the
> assessment that this is bad behavior on the part of GoDaddy - to the
> contrary, they are acting quite responsibly.
> AF

More information about the NANOG mailing list