Greylisting Still Works - Part I

Greylisting is a hoary technique for rejecting spam sent by botnets and other poorly written spamware. When a mail server receives an attempt to deliver mail from a hitherto unseen sending host IP address, it rejects the message with a "soft fail" error which tells the sender to try again later. Real mail software does try again, at which point you note that the host knows how to retry and you don't greylist mail from that IP again. more

Oh, Spammer, Where Art Thou?

A few weeks ago, I posted a piece on where individuals spammers were located in terms of sending IP. The United States was number 1, followed by China. This is in terms of total volume of spam that they send. However, a second piece of data that I did not take a look at was where all of the individual spam sites contained within the spam was located. For example, does a lot of spam sent from the United States point to spammy URLs hosted in China? more

Activists for Access to Medicines and Internet Rights Develop Brussels Principles for Online Sales

RightsCon, the world's leading summit on tech, society, and human rights has been called "the Davos of Digital Rights" (www.rightscon.org). At RightsCon 2017, the sixth event of the annual summit series on human rights in the digital age, the global human rights community came together in the heart of European politics and policymaking on March 29-31, 2017. More than 1,500 experts from 105 countries around the world, across diverse geographic and stakeholder lines, joined together to produce measurable outcomes on the most pressing and emerging issues threatening human rights in the digital age. more

Background on .EU the Upcoming European Identity

Progress is being made towards launching a .eu top-level domain for European individuals, business and organisations.

On 22 May 2003, the European Commission announced its decision to designate the European Registry for Internet Domains (EURID) as the Registry for the new top-level domain (TLD) .eu. EURID is made up of three founder members ? the registry operators for the country code top-level domains (ccTLDs) .be (Belgium), .it (Italy) and .se (Sweden). The Commission?s decision follows a call for expressions of interest published last September and an evaluation by independent experts of the seven applications received. more

Verisign Issues Statement on ICANN’s Decision on .Web Auction

Verisign, a global provider of domain name registry services and internet infrastructure, released a statement today regarding the ICANN Board of Directors' decision on the .web auction. more

The Rise of a Secondary Market for Domain Names (Part 2/4): Origins of the Competition

Before the Internet, the sole competition for strings of characters employable as marks was other businesses vying to use the same strings for their own products and services. National registries solved this competition by allowing businesses in different channels of commerce to register the same strings but prohibiting competitors in the same industries from using identical or confusingly similar marks on the grounds that they were likely (at best) to create confusion and (at worst) to deceive the public. more

CAN SPAM Issues in Zoobuh V. Better Broadcasting

Last week a Utah court issued a default judgement under CAN SPAM in Zoobuh vs. Better Broadcasting et al. I think the court's opinion is pretty good, even though some observers such as very perceptive Venkat Balasubramani have reservations. The main issues were whether Zoobuh had standing to sue, whether the defendants domain names were obtained fraudulently, and whether the opt-out notice in the spam was adequate. more

Email Portability, DKIM, and Socio-Political Implications on Tech Development

A few years ago, cell phone portability was introduced in the United States which caused a major shift in the market. The same thing happened this past year in Israel, following a major battle involving the cell carriers, consumer groups and the Israeli parliament (The Knesset). What if the same happened with email addresses? Ridiculous, you say? May be so, but there is chatter here in Israel to create a law which forces the local service providers hands to do just that. more

Substantial DDoS Attack Disrupts Twitter, Netflix, Visa and other Major Sites

Major internet sites were disrupted for several hours this morning as internet infrastructure provider Dyn reported it was under a cyberattack, mainly affecting traffic on the U.S. East Coast. more

Making Multi-Language Mail Work (Part 3)

In the previous installments we looked at software changes in mail servers, and in the software that lets user mail programs pick up mail. What has to change in the user mail programs? ... The first and most obvious is that users have to be able to enter the addresses. more

Big Brands Shooting Themselves In The Foot?

One of the topics that keeps coming up in ICANN policy discussions and as part of the new TLD application process is "transparency". ICANN, and the internet community in general, has had plenty of issues in the past with "bad actors" who have caused a lot of issues for everyone (think of many of the registrars who have lost accreditation in the last couple of years for example). On more than one conference call or policy discussion the issue of a company or a person's track record has come up. more

URS Is a Bad Fit for .ORG, Says EFF

The online digital rights group, Electronic Frontier Foundation (EFF) on Tuesday published a post warning ICANN's latest move requiring the use of Uniform Rapid Suspension (URS) for .org domain names is a "bad fit." more

Notes from Tunis: The New Internet Governance Forum

I'm in Tunis at the World Summit on the Information Society (WSIS), where the biggest debate is over the future of "Internet Governance." The final text for this was agreed upon about 30 minutes ago. The two quick sounds bites are that (1) the US and the US based Internet Corporation for Domain Names and Numbers (ICANN) retain, for now, control over the most important aspects of the global Internet Domain Name System (DNS), and (2) the conversation over this issue and a surprisingly broader governance agenda is continuing, under the United Nations. more

Another ICANN Meeting Concluded With No Action on DNS Abuse or Privacy/Proxy Policy

The ICANN 69 meeting has come to a close, with no progress on DNS abuse or implementation of the Privacy/Proxy Services Accreditation policy (PPSAI). While ICANN is uniquely positioned to do so, it refuses to do anything proactive about DNS abuse, with its executives overtly attempting to limit its role to data collection. Moreover, its refusal to implement community-driven initiatives such as the PPSAI points to a growing trend where ICANN is backing away from its public interest responsibilities, to the detriment of the Internet and its users. more

Scaling the Root of the DNS

The DNS is a remarkably simple system. You send it queries, and you get back answers. Within the system, you see exactly the same simplicity: The DNS resolver that receives your query may not know the answer, so it, in turn, will send queries deeper into the system and collects the answers. The query and response process is the same, applied recursively. Simple. However, the DNS is simple in the same way that Chess or Go are simple... more