Open letter to ICANN and all the Registrars
Wednesday, October 31 2007 @ 04:44 AM Eastern Daylight Time
Contributed by: Michael Brusletten
Views: 3,277
This is an open letter to ICANN and all the Registrars,
Comments are welcomed by everyone. Please read all.
Have you ever thought about how the spammers are getting away with the crimes that they commit? We we have and its very disturbing that ICANN allows this to happen right under their noses. We will try to explain this as simple and with real information as possible. First of all you may receive an email toting some frivolous junk advertising like below:
Yep. Its very sad. The spammers can't even make a decent message that conforms to the HTML standards, let along proper grammar. Here is the original HTML from the email and below that is the same one, but cleaned up so that it could be properly displayed
-----------------------------------------------------------
Original HTML message
Even if you have no erection problems = Cialis would=20 help you to make better sex more often and to bring unimaginable = plesure=20 to her. Just disolve half a pill under your tongue and get ready for = action in=20 15 minutes! The tests showed that the majority of men after taking = this=20 medication were able to have perfect erection during 36 hours!
| Package | Quantity | Price in your = local drugstore* | Our = price | |
| 10 tabs | 20 doses | $34.19 | ||
| 30 tabs | 60 doses | $104.66 | ||
| 60 tabs | 120 doses | $180.15 | ||
| 90 tabs | 180 doses | $242.06 | ||
| 180 tabs | 360 doses | $445.61 |
When you are young and stressed =
up…
When you are aged and never give up…
Cialis gives you confidence in any chance, every time.
-----------------------------------------------------------
Here is the cleaned up version. Notice all the equal signs are no longer showing. Even the table is showing properly and the the link actually shows now
Even if you have no erection problems Cialis would help you to make better sex more often and to bring unimaginable pleasure to her. Just dissolve half a pill under your tongue and get ready for action in 15 minutes! The tests showed that the majority of men after taking this medication were able to have perfect erection during 36 hours!
| Package | Quantity | Price in your local drugstore* | Our price | |
| 10 tabs | 20 doses | $34.19 | ||
| 30 tabs | 60 doses | $104.66 | ||
| 60 tabs | 120 doses | $180.15 | ||
| 90 tabs | 180 doses | $242.06 | ||
| 180 tabs | 360 doses | $445.61 |
When you are young and stressed up…
When you are aged and never give up…
Cialis gives you confidence in any chance, every time.
-----------------------------------------------------------
Still the message is not as eloquent as it should be if written professionally. Well anyways, here comes the next part of this story. When you start to dig into this, its a real mess. Lets see if we can make any sense of the info that is about to be presented.
The domain name of wentstore.com from the link in the email. We look it up and get the following on the whois record.
The data in this whois database is provided to you for information
purposes only, that is, to assist you in obtaining information about or
related to a domain name registration record. We make this information
available "as is," and do not guarantee its accuracy. By submitting a
whois query, you agree that you will use this data only for lawful
purposes and that, under no circumstances will you use this data to: (1)
enable high volume, automated, electronic processes that stress or load
this whois database system providing you this information; or (2) allow,
enable, or otherwise support the transmission of mass unsolicited,
commercial advertising or solicitations via direct mail, electronic
mail, or by telephone. The compilation, repackaging, dissemination or
other use of this data is expressly prohibited without prior written
consent from us. We reserve the right to modify these terms at any time.
By submitting this query, you agree to abide by these terms.
Domain name: wentstore.com
Registrant Contact:
liu haijun
haijun liu cncliup@21cn.com
+86.2732290023 fax: +86.2732290023
wuhan
wuhan hubei 361004
cn
Administrative Contact:
haijun liu cncliup@21cn.com
+86.2732290023 fax: +86.2732290023
wuhan
wuhan hubei 361004
cn
Technical Contact:
haijun liu cncliup@21cn.com
+86.2732290023 fax: +86.2732290023
wuhan
wuhan hubei 361004
cn
Billing Contact:
liu haijun cncliup@21cn.com
+86.2732290023 fax: +86.2732290023
wuhan
wuhan hubei 361004
cn
DNS:
ns0.freednsservice1.com
ns0.rootsystemrestore.com
Created: 2007-10-27
Expires: 2008-10-27
Lets take a look at the ISP's that are hosting the spammers website more in detail. We see that they are currently on several of these IPs as listed, and now if we look at these IPs and see who the ISP is, we see that they are being hosted by several for redundancy backup and failover.
|
89.178.164.56 122.18.253.140 122.123.207.122 125.229.129.121 210.96.207.70 221.127.56.248 81.198.215.67 85.11.167.7 85.179.49.227 85.179.83.181 85.180.252.140 85.250.76.137 89.110.4.27 89.138.196.38 89.178.31.146 |
Corbin Telecom - Russia OCN NTT Communications - Japan HiNet Internet Service - China HiNet Internet Service - China DACOM BoraNet - Korea Hutchison Global Communications - Japan Lattelecom - Latvia SKKNET - Russia HanseNet Telekommunikation - Germany HanseNet Telekommunikation - Germany HanseNet Telekommunikation - Germany NetVision - Isreal North-West Telecom - Russia NetVision - Isreal Corbin Telecom - Russia |
Now this is one serious spammer that wants to keep their site(s) up and running just for that one domain name. We've noticed that they are running most likely several domain names that run the same content for Canadian Pharmacy.
Now that we've seen this and start looking thru the whois, wow, where's all the proper information that's supposed to be listed? We see a name, email name and phone numbers listed. However, they are most likely bogus (fake) info so that they couldn't easily be tracked. Okay so we continue our investigation on up the line looking at the DNS provider:
The Data in Paycenter's WHOIS database is provided by Paycenter
for information purposes, and to assist persons in obtaining
information about or related to a domain name registration
record.
Paycenter does not guarantee its accuracy. By submitting
a WHOIS query, you agree that you will use this Data only
for lawful purposes and that, under no circumstances will
you use this Data to:
(1) allow, enable, or otherwise support the transmission
of mass unsolicited, commercial advertising or solicitations
via e-mail (spam); or
(2) enable high volume, automated, electronic processes that
apply to Paycenter or its systems.
Paycenter reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.
Domain Name:freednsservice1.com
Registrant:
Mei guo
Mei guo
610000
Administrative Contact:
Mei guo
Mei guo
Mei guo
Mei guo 610000
United States
tel: 86 028 89866665
fax: 86 028 89866665
df@hotmail.com
Technical Contact:
Mei guo
Mei guo
Mei guo
Mei guo 610000
United States
tel: 86 028 89866665
fax: 86 028 89866665
df@hotmail.com
Billing Contact:
Mei guo
Mei guo
Mei guo
Mei guo 610000
United States
tel: 86 028 89866665
fax: 86 028 89866665
df@hotmail.com
Registration Date: 2007-09-25
Update Date: 2007-09-25
Expiration Date: 2008-09-25
Primary DNS: ns0.kopepharas.com 221.127.56.248
Secondary DNS: ns0.mukopkufude.com 193.77.45.29
And of course lets get the other one involved as well
The Data in Paycenter's WHOIS database is provided by Paycenter
for information purposes, and to assist persons in obtaining
information about or related to a domain name registration
record.
Paycenter does not guarantee its accuracy. By submitting
a WHOIS query, you agree that you will use this Data only
for lawful purposes and that, under no circumstances will
you use this Data to:
(1) allow, enable, or otherwise support the transmission
of mass unsolicited, commercial advertising or solicitations
via e-mail (spam); or
(2) enable high volume, automated, electronic processes that
apply to Paycenter or its systems.
Paycenter reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.
Domain Name:rootsystemrestore.com
Registrant:
Mei guo
Mei guo
610000
Administrative Contact:
Mei guo
Mei guo
Mei guo
Mei guo 610000
United States
tel: 86 028 89866665
fax: 86 028 89866665
df@hotmail.com
Technical Contact:
Mei guo
Mei guo
Mei guo
Mei guo 610000
United States
tel: 86 028 89866665
fax: 86 028 89866665
df@hotmail.com
Billing Contact:
Mei guo
Mei guo
Mei guo
Mei guo 610000
United States
tel: 86 028 89866665
fax: 86 028 89866665
df@hotmail.com
Registration Date: 2007-09-25
Update Date: 2007-09-25
Expiration Date: 2008-09-25
Primary DNS: ns0.kopepharas.com 221.127.56.248
Secondary DNS: ns0.mukopkufude.com 193.77.45.29
Ohh you got to be kidding, right? Looks like the same person owns both DNS domains. Okay that's not a crime in itself. However, falsifying information is according to ICANN rules and policies regulations
So it is our belief that the whois information listed above in the records is falsified and incorrect. If you are a Registrar, please be advised that we intend to start submitting domain names for verification on all information listed in the domains. If such information is found to be incorrect, it is your responsibilities to cancel these domains. If you do not follow ICANN's policies, then you, as the Registrar are in violation and could loose your accreditation and domain name.
Everyone is welcome to submit there commets
What's Related