Comments regarding the FOA
ICANN forces the industry for the first time to use FOA's. (Please correct me, if I'm wrong.)
The FOA's should be sent by mail to these parties:
- Former/current Registrant of record - The Registrars
This could cause an impact for our whole business.
Since a Registrant must confirm the mail, and before this happens, the Gainging Registrar is not allowed to start the transfer, the process is based on e-mails (!!!).
Since it is the first time ICANN forces to use Standard Forms that everyone could see at the ICANN homepage, this is different to current behaviours.
Today, Registrars are free to design their mails to the "parties". With the new Policy, the industry must switch to offical FOA's.
Assume some bad guy that takes this FOA, put some words like "VIAGRA, PENIS, FREE SEX..." inside. He takes this mail an sends 100.000 mails to some big mailservers like AOL, MSN, Hotmail and Yahoo. (It is to mention that the Registrants involved in this process have their accounts often at those companies, but the impact works for all modern mailservers.)
All big mailservers today learn automatically what SPAM is, and they will treat such a mail as SPAM. Blacklists will be updated immediately, worldwide. Within 48 days, most of all mailservers are up to date and know how to treat this mail (the FOA!!!). It is SPAM.
We made local tests, our Spam Assasin (some of the most used programms for Anti-SPAM in Linux...) drops this mails.
Remember: If no FOA's are received by the Registrant, no Registrant could give the ACK to start the transfer. Since mailservers/spamfilters drop such mails, the business stops.
How can ICANN guarantee that that the FOA's could be received by the former/current Registrants?
ICANN can not impact our business with such a process. The FOA's could be misused by everyone.
From my perpective, ICANN has to
Change the Policy, that every Registrar is allowed to use forms they want and the FOA's could be treated as example only. This makes it much more difficult for someone to misuse all of these forms. If every registrar is free to construct the text for the mail, it would be hard work for a hacker to impact all mailservers with all possible forms.
-- With best regards, TEAM PSI-USA / Hostmaster _______________________________________________ PSI-USA Inc., DNS Service Center (Hostmaster) Maximilianstrasse 6, 93047 Regensburg, Germany Curd Bems, hostmaster@xxxxxxxxxxxx Tel. +49 941 59559-235 Fax. +49 941 59559-457