ICANN ICANN Email List Archives


<<< Chronological Index >>>    <<< Thread Index >>>

[gnso-ff-pdp-may08] Scope of this project

  • To: "gnso-ff-pdp-May08@xxxxxxxxx" <gnso-ff-pdp-May08@xxxxxxxxx>
  • Subject: [gnso-ff-pdp-may08] Scope of this project
  • From: Marc Perkel <marc@xxxxxxxxxx>
  • Date: Thu, 03 Jul 2008 09:18:27 -0700

I know this is called the Fast Flux group but is the discussion limited to just that or can we talk about broader concepts of preventing phishing, fraud, and criminal activity in general?

Also - one of the things that I'm interested in exploring is registrars providing DNS lookup of additional non-private information about a domain so that people in the spam filtering business, like myself, have more information in order to determine if an email is likely to be fraud.

For example - if I could read through a DNS lookup what the age of the domain was in days and the number of name servers changes made recently I could block fast flux messages. Suppose for example there was a domain whois.info. We do a lookup as follows:

dig example.com.age.whois.info TXT

This would return the age of the domain (or owned by current owner).

dig example.com.nschanges.whois.info

This could returnL if 0 to 1 NS change in the last 3 days. if 2-3 changes in the last 3 days if more than 3 changes in last 3 days.

I would also like this:

dig example.com.registrar.whois.info TXT
This would return the registrar name.

Another request - finding out who to report problems to.

dig example.com.domain-abuse.whois.info TXT
This would return the email address to report problems to.

or for IP address ...

dig TXT
This would return the email address to report problems with an IP address.

Right now I have a list of 1,615,203 IP addresses of virus infected spambots that have tried to spam one of my servers in the last 5 days. If I had a place to report the problem using automation I could take out 1.6 million spambots. But I don't have a way to do that. This kind of information would allow this to happen.

Information like this would be very valuable to someone like me in fighting spam, fraud, and fast flux. And - I believe with the right policies and procedures I could put myself out of business by completely eliminating the virus problem.

So - thoughts? Can we do this? Can we create a whois.info domain to publish non-private info on domains to help stop fraud and phishing?

Marc Perkel
Junk Email Filter

<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy