[linux-elitists] Re: MCI boots send-safe (Register) -- adds a net of 11 more spam hosts

Rob McGee list+Elite@nodns4.us
Wed Mar 2 14:30:43 PST 2005

On Wednesday 02 March 2005 15:57, Aaron Sherman wrote:
> On Wed, 2005-03-02 at 16:41, Rob McGee wrote:
> > On Wednesday 02 March 2005 15:33, Aaron Sherman wrote:
> > > > But they (Gandi) have not yet removed it from their own
> > > > nameservers.
> > >
> > > Let me see if I understand this
> >
> > You don't.
> >
> > > (and please correct me if I'm wrong):
> >
> > You're wrong.
> Care to expand?

Sorry. "whois send-safe.com". To make a short story long, Gandi is the 
registrar. After send-safe.com lost hosting on MCI and DNS somewhere in 
Russia, they apparently fell back on parking-style services at Gandi.

Perhaps Mike Neuffer can elaborate on how this might be done at Gandi. 
It's possible that the Gandi operator wasn't aware that send-safe.com 
was hosted on his servers. To his credit, when I told him about it, he 
took prompt action.

I still do not see this as justification for his non-action since 2001. 
A registrar should have and enforce a policy against abuse. If a domain 
is used for massive abuse, after due investigation a registrar owes it 
to the Internet to pull the plug.

> I mean, I know that YOU have been championing the "by any means
> necessary" approach,

Market and network pressure. Quite different from Nick's straw man 
likening it to gov't coercion, and IMO much preferable to just sitting 
here continuing to subsidise the spammers. Is that your choice?

As we discussed in days past, Ruslan Ibragimov might not be an actual 
spammer. He is, however, a meta-spammer, an enabler who provides the 
means for others who probably lack the technical abilities necessary to 
code viruses and ratware. 100% of his profit comes from real spammers. 
I'll bet he rakes in more than they do.

Yes, I am very happy if in fact we have seen the last of send-safe.com. 
I'm fully aware that Ruslan will be back under other domain names. I 
and others will attempt to apply similar pressure against those 
domains, as well, as they become known.

In the meantime, we have cut into Ruslan's Rubles. This is good. And 
it's possible that we've prevented his stolen computing resources from 
connecting to the mother ship. If so, that is even better.

> but that doesn't explain how the record got 
> removed from the root without the registrar's involvement.
    Rob - /dev/rob0

More information about the linux-elitists mailing list