I was recently reading a thread (http://webhostingtalk.com/showthread.php?t=533482) a domain name that was "suspended" by godaddy as a result of a spam/TOS complaint.


Godaddy's action, and their TOS, got me thinking...

.. so I did some research and it looks like many popular domain registrars have a similar TOS policy, where they can suspend your domain name for TOS violation.

Now, my question is...

Why?

Why does any domain registrar have such a policy? Why do they care about what you do with a domain name? After all, isn't the service they're providing simply to register and manage domain names?

What is the motivation behind a registrar to position themselves to be jury/judge/executioner regarding the actual use of the domain name?

Shouldn't a registrar simply provide the regisration and management service.. and that's it? Why would a registrar suspend a domain name, when it is none of their business?

Am I missing something?

Thanks!

Very good question. I am trying to find analogies from other aspects of life but I can't think of any because my mind is Yahbused! (abused by Yahoo!)

Hello,

Yes they have the right to suspend the domain if the spam cop complaints them for the spaming domain that is registered with them. They should have this right to stop the increasing spamming crimes that is committed on the server increasing the server resources load and jaming the network of upstream provider, causing trouble to other servers too.

Thank you.

Regards,

Hello,

Yes they have the right to suspend the domain if the spam cop complaints them for the spaming domain that is registered with them.

So if I find out your domain, and submit a complaint to spam cop.. and your domain is suspended as a result...

.. you feel this is fair?

You feel the registrar should be making decisions on what is spam and what is not spam?

I don't understand why a registrar is empowered to make this decision, when their entire reason for existance is only to sell and manage domain names.

Why are they interfering in "the content" of how the domain name is used?

I think that a registrar should be able to suspend/terminate a domain name if the domain is used for illegal activities such as fraudulent phishing sites. When it comes to spam, they probably shouldn't suspend the domain. I hate spam mind you. What happens if some spammer spoofs the email headers and uses your domain in the 'from' address? I should have my domain suspended? Illegal phishing sites should instantly lose there domain if it is proven they are behind it. But I guess either leaves the registrar as the judge & jury, and they would hold the fate of your domain name with them. I am not sure how fair they would be in deciding the fate of a domain name.

I once asked that question here and other places, zippy. From what I've gathered,
majority believe registrars shouldn't police spam or the like.

Now both registrars and us end-users are entitled to whatever we want to believe
in. No problem with that.

But let's get real: it's their resources we're using. Other than what any authority
or law "dictates", they can do whatever they want.

One reality here is we're going to see more and more registrars taking proactive
measures against spam, phishing, and the like. Some are more capable of dealing
with them, others...leave much to be desired.

You say their "entire reason for existence is to only to sell and manage domains".
Other than you, is there any authority who also says so?

Things change, even if it's one we don't necessarily like. Some registrars have now
"evolved" to handle other things, and even decide to tackle issues that they "feel"
will help make things better.

If you don't happen to agree with their policies or feel they're not meeting any of
your expectations, then use someone else as always. But finding one that does or
can isn't going to be as easy as it used to be.

Are registrars obligated to take actions such as this? Is it in their own agreements with icann?

I was not able to find anything in their mandate that requires a registrar to behave this way, or take actions agains domains under their control. From what I can see, their only requirement is to manage domain registration services.

Anything "extra" such as suspension of a domain for spam/phishing/whatever is not required in order to be a registrar.

Does anyone know if I am incorrect?

I was not able to find anything in their mandate that requires a registrar to behave this way, or take actions agains domains under their control. From what I can see, their only requirement is to manage domain registration services.

Anything "extra" such as suspension of a domain for spam/phishing/whatever is not required in order to be a registrar.

Bingo.

In the absence of any specific policies stated by ICANN regarding specifically
this or that, registrars can do anything they want.

Try this imaginary scenario.

I'm driving my car along the street. I see a poster of a really hot woman.

I get so glued looking at the poster I accidentally hit a lightpost. I'm not hurt, but
my car's left front fender is hit bad.

I contact my auto insurance company and tell them what happened. A lady takes
my call, and I ask something like this:

Me: Lady, I bumped a lightpost. Am I covered?

Lady: That depends. What happened?

Me: Uh..I kept looking at a poster of this really hot woman I didn't see I was about
to hit that lightpost. Damn, that woman was really hot, I swear.

Lady: Oh in that case, I'm sorry that's not covered. We don't have any for looking
at a poster of a hot woman.

Oh damn.

Specifics, mrzippy. Specifics.

In the absence of any specific policies stated by ICANN regarding specifically
this or that, registrars can do anything they want.

Try this imaginary scenario

.....

Specifics, mrzippy. Specifics.

It is precisely the lack of specifics that prompted this post. :)

It just seems to me that there is a big risk for any company who generates significant income from their website.

As the spam/phishing issue becomes higher and higher, I think more registrar's might "feel" they have to do something when someone logs a complaint.

When, in fact, it is none of the registrar's business.

I think your analogy would be more accurate if it went like this:

You: Hello, I am calling to complain about the person who just hit a lightpoll with his Ford.

Ford Manufacturer: Umm... why are you calling us? We just make the cars. We are not resonsible for how they are driven.

The point of my analogy above is the company in question can do anything they
want, as long as they're in compliance with all relevant parties and if there isn't
any specific "rule" preventing them from doing this or that.

But you get the idea with your Ford car thingie. :)

I've observed that many of these "registrar screwed me" threads occur because
people have unrealistic expectations based on inaccurate or incomplete info. More
so if they're too lazy to read the fine prints or ask them specific questions.

Makes one glad we've got choices for domain registrars. There are about 863 of
them, though only a few are real registrars. :D

I take it mrzippy, your solution would be just use enom?

I'm not looking for a solution. This has nothing to do with anything I need...

I am simply looking for discussion about this topic.

:)

So if I find out your domain, and submit a complaint to spam cop.. and your domain is suspended as a result...

.. you feel this is fair?

You feel the registrar should be making decisions on what is spam and what is not spam?

I don't understand why a registrar is empowered to make this decision, when their entire reason for existance is only to sell and manage domain names.

Why are they interfering in "the content" of how the domain name is used?


If the domain is registered with spam cop for spaming and AUP violations, then the registrar should suspend that domain. The suspension is done on the basis of the intensity of the crime committed by the domain.

Thank you.

Regards,

We police domains for spam, phishing, copyright, hacking, etc. We do it because we don't want to be sued by the people damaged by these activities.

When people sue, they go after the deep pockets. And the script kiddie with 7 domains in his account usually does not have deep pockets. So they are going to go after the registrar and web host who helped enable the phishing expedition.

Glad to hear you've got deep pockets dynadot. Perhaps you could teach GoDaddy a thing or 2 :)

Haha, we are a rounding error compared to GoDaddy. :) :) So don't sue us!!

We police domains for spam, phishing, copyright, hacking, etc. We do it because we don't want to be sued by the people damaged by these activities. Exactly. It's all about liability and CYA.

When my brother and I were teenagers in our first jobs. I could tell you instantly the decimal value of any value between a farthing and a pound to 4 decimal places. My brother was working for the Coal Board and was rounding line items to 1 million pounds. No wonder they never made any money. Any profit was lost in the rounding :)

dynadot,
if your assubmtion is right then why they wouldn't go after the registry? aren't they the first place who created the name ? :)

from my point if view i see the hosting company should take the action because they are the main tool which been used to spam and generate spam and secondly the ISP whom gave internet connectivity to that abuser and allowed him to spam.

Well anyone can be named in a lawsuit, so the injured party may very well sue the central registry. There are different levels of liability, and as the registrar we are probably closer to the customer than the central registry. Thus we may be held more responsible in a lawsuit.

I think if you have your domain name with a registrar that you are scared to be with because of some of the activities you do, then you need to call your registrar and make sure that they provide you with assurances that it would take more than a handful of complaints to shut you down... and get that in writing.

Otherwise move the domain to another registrar that you have confidence in.

Well anyone can be named in a lawsuit, so the injured party may very well sue the central registry. There are different levels of liability, and as the registrar we are probably closer to the customer than the central registry. Thus we may be held more responsible in a lawsuit.
Exactly.

So why do some registrar's take an "active" stand and suspend domains for various reasons?

Why would they voluntarily open themselves up to the risk of a lawsuit by "suspending" someones domain if it is accused of being used in spam/phishing website, etc?

Wouldn't it make more sense for the registrar to just say that they will NOT get involved in touching the domain name in any way unless they are ordered by ICANN or a court of law?

?

Exactly.

So why do some registrar's take an "active" stand and suspend domains for various reasons?

Why would they voluntarily open themselves up to the risk of a lawsuit by "suspending" someones domain if it is accused of being used in spam/phishing website, etc?

Wouldn't it make more sense for the registrar to just say that they will NOT get involved in touching the domain name in any way unless they are ordered by ICANN or a court of law?

?

Bingo......we just had a big discussion about this. Sometimes it is better to do nothing then to do something or you open up yourself to lawsuits. There is a reason one of my co-workers doesn't shovel his sidewalk. If he shovels it and someone slips, they can sue him and say that they had a reasonable expectation it was safe and that he was negligent by not making sure the sidewalk was safe. Since he doesn't shovel it there is no expectation of safety.

Dynadot, I'm most saddened by your decision to police your domain clients. I have over 200+ names at Moniker and about 24 with you guys. I was going to start putting all new registrations with you guys but now I'll be moving my names elsewhere.

The problem with registrars trying to get involved with spam policing is that it's an absolutely pointless effort. For some reason GoDaddy and other registrars don't seem to clue into the fact that suspending a domain does not stop outgoing email. You can spew email all day long without having a single domain registered, so any registrar that believes they are somehow contributing to spam clean-up is sadly mistaken.

What they can affect is being able to hit links within spam emails for some cases. Unfortunately spammers usually make a habit of obfuscating their URLs and using direct IP addresses. In the event you can actually suspend the domain for access, you usually tip off the spammer to clean-up any evidence before the host can get involved to lock things down.

Of course, registrar domain suspension usually carries consequences far worse than the problem they are trying to prevent. It's kinda like shooting your friend in the foot to remind them to tie their shoes so they don't trip.

It really is a wonderful mess.

I think it takes some guts for dynadot to come and explain their side.

We police domains for spam, phishing, copyright, hacking, etc. We do it because we don't want to be sued by the people damaged by these activities.

When people sue, they go after the deep pockets. And the script kiddie with 7 domains in his account usually does not have deep pockets. So they are going to go after the registrar and web host who helped enable the phishing expedition.
When you say they go after the "web host who helped enable the phishing expedition" how is it the registrar's fault to begin with? No registrar in their right mind would allow a domain to be registered had they known in advance the domain is going to be used for such purposes, and there is no way to know until the action takes place.

This reminds me of a funny situation at the local DMV (Division of Motor Vehicles). When you go to renew your license they ask you to fill out a card where one of the questions is "Are you a legal resident of this country?" Who in their right mind would say "no" to that? lol.

We police domains for spam, phishing, copyright, hacking, etc. We do it because we don't want to be sued by the people damaged by these activities.
Thank you for letting us know. This saves me from ever thinking of registering any domain with Dynadot (and Godaddy). I don't want anyone with deep pocket to be able to destroy my business anytime he wants to.
I have my own risks, so do you (although I have never heard of any registrar being sued for spam liability). I am going with the registrars who are willing to take the risk for me.

Thank you for letting us know. This saves me from ever thinking of registering any domain with Dynadot (and Godaddy). I don't want anyone with deep pocket to be able to destroy my business anytime he wants to.
I have my own risks, so do you (although I have never heard of any registrar being sued for spam liability). I am going with the registrars who are willing to take the risk for me.
Though taking it to the police does seem kind of harsh, I haven't seen a registrar who does not post the disclaimer for not being liable for its customer actions.

May the best option is to go with registrar who does not care, like 1and1, who take forever to reply support email so I doubt they are willing to go through the extra trouble of suspending a spammer's or phisher's domain and then going through all the procedures to get it back online, lol.

P.S. I was just kidding about signing up with 1and1 IF you are serious about support.

It looks like Tucows won't suspend for anything... that is a good choice. ;)

When you say they go after the "web host who helped enable the phishing expedition" how is it the registrar's fault to begin with? No registrar in their right mind would allow a domain to be registered had they known in advance the domain is going to be used for such purposes, and there is no way to know until the action takes place.

Ideally that's true. But in the real world, what's to stop someone with lots of time
and money in their hands to sue the registrar for something?

That's what registrars like Go Daddy and Dynadot want to prevent. Unfortunately
it's got pros and cons, take your pick.

More registrars will be taking sides on this sooner or later. It's up to each one how
to approach this issue.

Ideally that's true. But in the real world, what's to stop someone with lots of time
and money in their hands to sue the registrar for something?

That's what registrars like Go Daddy and Dynadot want to prevent. Unfortunately
it's got pros and cons, take your pick.

More registrars will be taking sides on this sooner or later. It's up to each one how
to approach this issue.
Hmmm....true. in today's world you don't know from which side you will get hit by a lawsuit. Sometimes its the least anticipated source.

Thank god I have just a few domains left to be moved from Godaddy. I have moved all domains I could already out of there.

Thank god I have just a few domains left to be moved from Godaddy. I have moved all domains I could already out of there.
Out of curiosity: where did you transfer your domains to?