Top 10 Spam-Friendly Registrars Named and Shamed

SAN FRANCISCO (02/05/2009) – When it comes time for spammers to register their Internet domain names, some companies are more popular than others.

Spam-fighting organization KnujOn has released a report on the top 10 registrars it has linked to spam and other illicit activity. It found that some companies have cleaned up their act in recent months and that others — most surprisingly Network Solutions and GoDaddy sister company Wild West domains — have suddenly popped up on the list.

Domain name registrars are in a unique place when it comes to fighting malicious activity on the Internet. Because spammers tend to register many different domain names in the hope of evading antispam detection software, they can be very lucrative customers for the registrars. But registrars are also in the best position to wipe Web sites used by fraudsters off the Internet, because they can very easily remove fraudulent domains from their databases — effectively dropping the scammer from the Internet.

Some registrars respond aggressively to reports of malicious activity within their domains, while others take more time, according to Garth Bruen. The point of the report is to highlight the registrars who could do more to clean up their act. “Because this has been a free-rein, profit-driven enterprise, the registrars have made up their own rules,” he said.

At the top of KnujOn’s list is Xinnet.com, a Chinese registrar that KnujOn linked to more than 3 million spam messages between June and January. Xinnet has so many problems that Bruen says that the organization that accredits domain name registrars, the Internet Corporation for Assigned Names and Numbers (ICANN), should threaten to pull its accreditation.

That’s what happened to Estdomains, an Estonian registrar that was linked to organized crime in published reports. ICANN revoked Estdomains’ accreditation on Oct. 28 last year.

Two companies that were formerly on KnujOn’s list, Beijing Innovative Networks and Joker, were issued warnings by ICANN and have since cleaned up their act, Bruen said in his report.

Being on KnujOn’s list is “definitely embarrassing” for any company, but it shows that companies like Network Solutions could do a better job at kicking the spammers off their networks, said Richard Cox, chief information officer with Spamhaus, another antispam group. “They’ve got a very large volume [of domains],” he said of Network Solutions, adding that “they’re not the easiest people to deal with.”

According to KnujOn’s report, Network Solutions domains were linked to around 580,000 spam messages, and Wild West’s to just over 50,000.

Network Solutions takes spam seriously, said spokeswoman Susan Wade. “We continually review and improve our systems; however, no matter how good our systems are, we are still reliant on the speed at which stolen information is reported,” she said via e-mail. “Unfortunately, there will continue to be a window of time at which spammers will operate. Our goal is to significantly shorten that period of time.”

KnujOn’s top ten spam-related registrars is as follows. The ranking is based on a variety of factors including the amount of spam associated with a registrar’s domains and the percentage of the registrar’s domains linked to spam.

1. Xinet

2. eNom

3. Network Solutions

4. Register.com

5. Planetonline

6. RegTime

7. OnlineNIC

8. SpotDomains

9. Wild West Domains

10. Hichina Web Solutions