What Next for Email Service Providers?

It's been a very bad month for ESPs, companies that handle bulk mailings for their clients. Several of them have had internal security breaches, leaking client information, client mailing lists, or both. Many have also seen clients compromised, with the compromised credentials used to send spam. The sequence of events suggests all the ESPs whose clients were compromised were themselves compromised first. (That's how the crooks knew who to attack.) more

Corporate Domain Registration Practices in Light of New gTLDs

For years, corporate domain name administrators have scoffed at every new second-level and third-level country code Top-Level Domain (ccTLD) liberalization, and rightly so. Until recently, most had continued the practice of registering significant numbers of variations, misspellings and typo-squats. While I have never encouraged the practice of registering every variation in every geography, as this becomes prohibitively expensive over time... With what seems to be the imminent launch of hundreds of new TLDs as a result of ICANN's new initiative, companies appear to be saying enough is enough, and meaning it. more

Court Approves Nortel’s Sale of IPv4 Addresses to Microsoft

Yesterday morning (26-April-2011), in US Bankruptcy Court for the District of Delaware, Judge Kevin Gross signed an order authorizing Nortel's sale of IPv4 addresses to Microsoft. This is an important moment for the Internet community, as it represents the beginning of a new market-based mechanism for the distribution of scarce IPv4 address resources. As the various Regional Internet Registry (RIR) organizations exhaust their supply, traditional "needs-based" distribution will become impossible. more

Top 3 New Requirements to the TLD Evaluation Criteria and What They Mean for Applicants

Three sections of the redlined version of the Draft Evaluation Criteria for new Top-Level Domains (TLDs) caught my attention. It seems ICANN wants to ensure it has information to not only evaluate and score responses, but to conduct a post-launch analysis of the program's success in terms of expanded competition, consumer choice and trust. That additional information means more work by both the applicant and for ICANN. But it's a good move because pre-launch preparation and thought staves off mishaps and misfortunes later. more

Really? A Hearing on New gTLDs at this Late Stage?

To the dismay of many (and the chagrin of some), it appears as though the US House Subcommittee on Intellectual Property, Competition and the Internet will be conducting a hearing on New generic Top-Level Domains (gTLDs). Meanwhile, ICANN is careening towards the finish line of the new gTLD Program with a vote by the ICANN Board scheduled for June 20th. Just what this all means remains to be seen. more

A Closer Look at Apple and Location-Tracking

There's been a lot of media attention to a report that iPhones track your movements. It's even reached the U.S. Senate. I'm underwhelmed. I think that the threat is overhyped. What is happening is that these devices create a hidden file with your location... more

New gTLD Discussion Draft - Top 10

Okay, so spending my Monday morning printing out and reviewing 348 pages of the "New gTLD Discussion Draft" is not exactly what I had mind when I woke up today, but kudos to ICANN for keeping to the timeline that they had released last month. Since, most of you do not have the time or the patience (and probably have real work to do), I've taken it upon myself to highlight the most important changes in this version. more

7 Must Have Attributes of an IP Address Management System

Exponential growth of networks combined with the complexity introduced by IT initiatives e.g. VoIP, Cloud computing, server virtualization, desktop virtualization, IPv6 and service automation has required network teams to look for tools to automate IP address management (IPAM). Automated IPAM tools allow administrators to allocate subnets, allocate/track/reclaim IP addresses and provide visibility into the networks. Here are some examples of what a typical IPAM tool can do... more

9 Thoughts on Stepping Up Spam and Malware Enforcement

In a tweet, EU commissioner for the Information Society Neelie Kroes congratulates OPTA on the spam fine for the golf ball printing company Backsound. Since 2004 the Dutch OPTA is the number one spam and malware fighter of the EU with a total of €1.9 million in fines. It made me ask two question to myself: How come that we seldom hear of other spam fines in the EU? And can the EU change this in any way? more

IPv4 Addresses Not Property, Canada Weighs in on the Nortel/Microsoft Transfer

The recent tempest in a teacup on ARINs PPML list over the transfer of IP address blocks from Nortel (a company in Chapter 11) to Microsoft has some interesting Internet Governance dimensions that are yet to be discussed. One aspect that has been overlooked amidst all the sound and fury, is the governmental perspective on IP address transfers. more

Will Blocking a TLD Fracture the Internet?

In his eloquent dissent against approving .XXX, ICANN Board member George Sadowsky talked about blocking and filtering top-level domains. It's a concise statement of a concern that has been identified by various people, including members of the Governmental Advisory Committee (GAC), as an impediment to the new generic Top-Level Domain (gTLD) program. It's a thorough defense of a common point of view about blocking TLDs, but while no-one can disagree about the fact of blocking, what is the actual effect? more

IP Blocklists, Email, and IPv6

Engineers in the Internet Engineering Task Force, in the Messaging Anti-Abuse Working Group, and elsewhere have been debating how to handle e-mail-server blocklists in an IPv6 network. Let's take a look at the problem here. We basically have three ways to address spam, in our goal of reducing the amount of spam in our inboxes... more

Digging Through the Problem of IPv6 and Email - Part 3

One idea to make the problem of mail more manageable is to restrict the address space that is allowed to send mail. In an ideal world, we'd restrict where mail mail servers could send mail from. So, if we say that the number of individual mail servers in the world will probably never exceed 32 million (not unreasonable), or 2^25, then what if the 25 least significant bits were reserved for mail servers? more

Real. Or. Phish?

After Epsilon lost a bunch of customer lists, I've been keeping an eye open to see if any of the vendors I work with had any of my email addresses stolen -- not least because it'll be interesting to see where this data ends up. Recently I got mail from Marriott, telling me that "unauthorized third party gained access to a number of Epsilon's accounts including Marriott's email list."... more

Registrar Stakeholder Group in GNSO Works Against the ICANN Multistakeholder Social Compact

One of the essential features of the social compact that makes ICANN viable in its stewardship of the Domain Name system is that the operations of the Contracted Parties, i.e. Registrars and Registries, are governed by the cooperation of the contracted parties and the non-contracted parties, i.e. the stakeholders, in the creation of policy. In ICANN, contracts and other agreements are the method by which this policy is instantiated. more