Article on spammers and their infrastructure

Suresh Ramasubramanian ops.lists at
Mon Jan 4 01:37:56 UTC 2010

On Sun, Jan 3, 2010 at 10:24 PM, Eric Brunner-Williams
<brunner at> wrote:
> On 1/2/10 11:38 PM, Suresh Ramasubramanian wrote:
>> ... it would be interesting if some process were developed to
>> deaccredit or otherwise kill off the shell registrars
> Suresh, Why?

My comment was more in the context of this thread's original topic -
killing off bogus spam / botnet operations that become registrars
(and/or registrar resellers) who buy an outsourced instance of one of
the "registrar in a box" services, and are immediately in business.

Though, you might want to prevent shell registrars for the same
reasons that auctions try to weed out shill bidders.

And while it is a rational economic idea for a bidder to game an
auction by setting up shills, the auctioneer and the other bidders
lose out in the end.

> Now, shell registrars are a pain in the ass, not for operational reasons,
> but because every time someone wants to say something stupid and get away
> with it they say "<some large number> of registrars".

That too of course.   Reminds you of Tammanny Hall sometimes? :)

> Shell registrars are not, generally, the source of primary registrations of
> arbitrarily abusive intent. That problem lies elsewhere and is adequately
> documented.

Wasn't talking about shell entities setup by various registrars for
drop catching and such.   Though as I pointed out, those could be
weeded out for fairly sensible economic reasons, for the same reasons
such practices are discouraged in elections, auctions, rationing
systems (like the depression era / WW-II food stamps system) etc.

Was talking about totally bogus registrars that are "spammer sets up
an LLC, said LLC submits all the paperwork to become a registrar,
rents an instance of a DIY registrar service .. and starts doing
roaring business with just one customer - the spammer)


More information about the NANOG mailing list