Discuss mailing list

[Jeff Taylor <shdwdrgn AT sourpuss.net>]

I posted last year about shutting down several domains for spreading 
malware, and it has come to my attention again that there are more doing 
the same thing.  First off, if you think you're going to avoid detection 
by using these utterly racist domain names, yeah those things tend to 
catch my eye.  Also the tendency to list more than a dozen A records, 
all pointing to different countries, raises questions of legitimacy.

We've played nice by allowing open and automated registrations, but some 
bad actors have decided once again to take advantage of our services.  
Automated services can be used against those same people, and I will be 
writing up some new scripts to check domain records against well known 
block lists (for example, spamhaus has records on every IP I've checked 
so far).  I do not plan on sending out notices for the domains  that get 
blocked, I will simply remove them from the DNS records.

Those who know me will understand that I try to err on the side of 
caution, and I will do my best not to remove any legitimate domain 
entries.  If you think something was removed in error, go ahead and 
reach out to me.  If you suddenly had dozens of domains removed which 
were all pointing to known malware sources, then yeah you already know 
what you did and there were no accidents.