Is the .to (Tonga) domain completely rogue and should be removed?
Karl Mueller
I have two proposals:
1) Clearly, .COM is used for criminal and malicious activities.
I propose that we remove it due to abuse.
2) Barry Shein serves no useful purpose and should also be removed.
Karl
>
>We've been having increasing problems with one or more porn sites in
>the .to domain promoting itself by massive spamming of AOL customers
>using one of our domains in their From: header thus causing both
>complaints to us and thousands of bounces from AOL due to bad AOL
>addresses in their spam lists.
>
>Looking at the .to domain I can't help but notice it's heavily laden
>with what appear to be porn sites (sexonline.to, come.to,
>xxxhardcore.to, etc.)
>
>1. Performing traceroutes and other analyses seems to indicate that
>this domain is NOT being used for communication with entities
>legitimately located (legally, not only geographically) within the
>sovereignty of the Kingdom of Tonga, as intended.
>
>2. Clearly criminal and malicious activites are arising from sites to
>which Tonga has provided comfort and sanctuary.
>
>3. Therefore, I call for a process whereby it can be determined as to
>whether or not it is appropriate to decommission the Tongan domain due
>to negligence, mismanagement, and having allowed it to become an
>attractive resource for criminal activities. I do not believe the
>Tongan domain serves any legitimate purpose as an internet resource.
>
>In support of this assertion I want to show you an SMTP conversation
>with what claims to be the Consulate of the Government of Tonga in San
>Francisco (This San Francisco office is listed as an official Tongan
>contact point for visas etc by the US State Dept):
>
>world% telnet sfconsulate.gov.to 25
>Trying 209.24.51.169...
>Connected to sfconsulate.gov.to.
>Escape character is '^]'.
>220 colo.to SMTP ready, Who are you gonna pretend to be today?
>VRFY postmaster
>500 Bloody Amateur! Proper forging of mail requires recognizable SMTP commands!
>
>--------------------
>
>Viewing the web page for the Tongan Consulate in the US
>(http://sfconsulate.gov.to) reveals nothing but an ad for a software
>company, this page ends with:
>
> Need a domain name? Contact the Kingdom of Tonga Internet domain name
> registry.
>
>--------------------
>
>Consequently, I assert there is no reason for this domain to exist and
>it should be removed from the root name servers.
>
>
>--
> -Barry Shein
>
>Software Tool & Die | b...@world.std.com | http://www.world.com
>Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD
>The World | Public Access Internet | Since 1989 *oo*
>
Andy Walden
I have a legit .to domain. I paid $100 for it like any .com domain,
which of course has no porn sites.
or something...
Sincerely,
Andy Walden
System Administrator
MTCO Communications
1-800-859-6826
Jim Klossner
>
> I have two proposals:
>
> 1) Clearly, .COM is used for criminal and malicious activities.
> I propose that we remove it due to abuse.
Don't forget .ORG, .NET, .EDU, etc. After all, porn and/or spam might be
coming from those as well! Since when do the root nameservers become
responsible for monitoring and controlling spam and porn? I never understood
that as one of their responsibilities. If it suddenly became that way,
I'll be more than happy to forward them a list of spam domains that they can
take care of.
> 2) Barry Shein serves no useful purpose and should also be removed.
Agreed. Obviously this message served no useful purpose, so according
to the message below, Barry Shein and .std.com should be removed.
-jkk
> Karl
--
Jim Klossner - j...@frontiernet.net http://www.frontiernet.net
Lead System Engineer Frontier GlobalCenter
"I'm a krill. The whales aren't working today..."
Barry Shein
On September 30, 1998 at 12:42 ka...@best.net (Karl Mueller) wrote:
>
> I have two proposals:
>
> 1) Clearly, .COM is used for criminal and malicious activities.
> I propose that we remove it due to abuse.
>
>
I'm not sure what your problem is or what prompted this childish
remark. I'm sorry if I presented what I believe to have been a
reasoned comment with evidence and documentation etc. and somehow
elicted this from you. I can't figure out why, however.
If .com were used, for example, only for Slobbovian Universities, were
being managed by one to the exclusion of other uses, etc, then perhaps
it would be a good reason to consider decommissioning .com.
And if the .to domain is not in any way being used as a TLD for the
Kingdom of Tonga, but instead is being used only as a safe harbor for
what appear to be malicious activities, then perhaps it should be
decommissioned.
Is that simple enough?
One problem, as I see it, is that people claim they would prefer
non-governmental regulation of the internet. Yet any suggestion that
we do this is met with these sort of sneering, uncalled for,
tangential, childish remarks made by individuals who obviously
shouldn't be involved in regulating anything.
I think it's beginning to become obvious, to me anyhow, that any claim
that the internet is better regulated by those who are involved in its
engineering is a total failure as a concept.
scott w
</FLAME> I think he gets the idea...
Karl Mueller
>I'm not sure what your problem is or what prompted this childish
>remark. I'm sorry if I presented what I believe to have been a
>reasoned comment with evidence and documentation etc. and somehow
>elicted this from you. I can't figure out why, however.
>
Really, Barry, it never ceases to amaze me how people turn
their particular experience or view of something on the Internet
into what reality is or what should happen. After all Barry,
YOU have seen .to domains used for criminal activities, and
none of them to the contrary! Oh-my-God! That must mean
that the whole TLD is nothing but a joke, or a haven for these people.
I'd laugh but it's not really funny.
See, originally I was going to write an email on how Tonga had
contacted IANA to run this idea of a registry by them. After all,
it is their domain and they saw a business opportunity. Given
that we have certain other TLDs selling domains (say, oh, .COM and .NET),
I think the IANA figured it was their TLD to do with as they pleased.
(within reason, of course)
Now, a good possible issue you could have brought up is .to addresses
being used outside of Tonga, although I think this is a pretty moot
point. But, reality is that it's silly to use DNS (or really anything else)
to try and pinpoint geography on the Internet. Unless you are suggesting
a plan to monitor inverse DNS mapping, I don't think there's much
you can do here.
Instead, you choose to bring up spamming activities and criminal
activities. Well, gee, when was the last time you contacted the
InterNIC over a spam issue, Barry? Like TONIC, it's a *public* registry.
Like TONIC, it has *nothing* to do with spamming issues.
It would be completely out of line for the NANOG and other communities
to try and address the real problem of spamming by looking
at TLDs. That is completely missing the problem, and a waste of time.
Not only that, but it gets regulators interested in the wrong
area. Do you really want regulators deciding what you can and cannot
do with domain names or TLDs? Think about it. (and that's a different
issue than whether it's legal to spam with a domain)
My apologies to cc'ing NANOG again. I tried to make light of
the idiocies but failed.
Karl
P.S. My affiliation with Best has nothing to do with this. TONIC could
move easily to another ISP.
P.P.S. Your "points" about them running a humerous version of
sendmail scare me because they're so bogus.
Steven J. Sobol
> If .com were used, for example, only for Slobbovian Universities, were
> being managed by one to the exclusion of other uses, etc, then perhaps
> it would be a good reason to consider decommissioning .com.
>
> And if the .to domain is not in any way being used as a TLD for the
> Kingdom of Tonga, but instead is being used only as a safe harbor for
> what appear to be malicious activities, then perhaps it should be
> decommissioned.
>
> Is that simple enough?
I've already given you one example of a domain not used for porn.
Here's another one: bounce.to, another redirection service.
I'm sure I can find others.
Of course, according to you, the TLD is rogue unless there are absolutely
no bad apples.
By this logic, I can argue for UUNet to turn off their circuit to you
if I have solid proof of *ONE* of your customers spamming.
Yes, I know, your argument is that a majority of the domains are porn
domains (not that that, in itself, is hard evidence of criminal activity)
and are used to spam. Prove "a majority."
> non-governmental regulation of the internet. Yet any suggestion that
> we do this is met with these sort of sneering, uncalled for,
> tangential, childish remarks made by individuals who obviously
> shouldn't be involved in regulating anything.
You're being flamed because you said something very foolish. Deal with it.
Happens to everyone.
> I think it's beginning to become obvious, to me anyhow, that any claim
> that the internet is better regulated by those who are involved in its
> engineering is a total failure as a concept.
Yes, Barry, you're setting a bad example.
--
Anyone who spams me will be subject to torture by Jake,
my killer attack hedgehog, and/or Lizzy and Junior, my man-eating iguanas.
Jay R. Ashworth
> But as part of the whole picture, that Tonga's domain seems to be used
> as nothing but a "safe harbor" for porn sites engaged in criminal
> activity and even their own supposed govt consulate comes up as an ad
> for a software company etc, it would seem to indicate that this
> domain, .to, is not being used as a legitimate country TLD, is not
> being managed by the people it was assigned to for the purpose it was
> assigned, etc.
This raises a qustion I was hoping we could avoid for quite a long
time:
Who is in a position of authority to pass judgement on whether the
assigned authority over the .to top-level domain should "be allowed" to
register such people in it's domain? Is there a policy on the root
domain? Who enforces this? Who owns it?
Cheers,
-- jra
--
Jay R. Ashworth j...@baylink.com
Member of the Technical Staff "The net is safer in bad weather: you
The Suncoast Freenet can't run a backhoe
Tampa Bay, Florida in a hurricane." (after Sean Donelan) +1 813 790 7592
Managing Editor, Top Of The Key sports e-zine ------------ http://www.totk.com
Jay R. Ashworth
> I have two proposals:
>
> 1) Clearly, .COM is used for criminal and malicious activities.
> I propose that we remove it due to abuse.
>
> 2) Barry Shein serves no useful purpose and should also be removed.
>
> Karl
Hey! How dare you impersonate Karl Denninger?!
Jay R. Ashworth
> On Wed, Sep 30, 1998 at 05:36:43PM -0400, Barry Shein wrote:
> > Oops, now I understand Karl Mueller's sarcastic, nasty remark in
> > response to my note. He works for Best and Best is running this Tonga
> > link.
> > Aha!
> > -Barry Shein
>
> Barry, you're wrong, you sound like an idiot, and I'm going to nominate you
> for the very first Karl Denninger award.
>
> You and Karl have both been around for years and both of you may be
> technically proficient, but I hear stuff from both you and Karl that leaves
> me shaking my head in disbelief.
Hmmm... I'm not accustomed to _either_ of them being idiotic. Karl is
often loudmouthed and opinionated, but I usually understand where he's
coming from if I don't agree.
> (I don't work for Best, incidentally. FYI.)
Me either.
Cheers,
-- jr 'my, but it's uncomfortable sounding like I'm passing judgement
on _these_ guys...' a
Aaron Goldblatt
>that the internet is better regulated by those who are involved in its
>engineering is a total failure as a concept.
You're therefore suggesting that the Internet is better regulated by those
who are totally unfamiliar with it. Or, in other words, you want your
heart transplant performed by a 10-year-old.
Special.
ag
Aaron Goldblatt
>No I think it indicates that a bunch of clowns have taken over what
>advertises itself as the official US office of the Consulate of the
>Kingdom of Tonga.
You think? Really? You're not doing very well at it, then.
Or, as my sponsor would say, "You do have a point. Your hair covers it
nicely."
ag
Christopher Neill
some value to spammers since its relatively easy to shut down a relay;
I have actually seen spam advertising 'spam friendly' ISPs that offer
relaying services.
Gut 'em all, I say.
On Wed, Sep 30, 1998 at 03:40:15PM -0400, Alex Kamantauskas wrote:
> On Wed, 30 Sep 1998, Barry Shein wrote:
>
> >
> > In support of this assertion I want to show you an SMTP conversation
> > with what claims to be the Consulate of the Government of Tonga in San
> > Francisco (This San Francisco office is listed as an official Tongan
> > contact point for visas etc by the US State Dept):
> >
> > world% telnet sfconsulate.gov.to 25
> > Trying 209.24.51.169...
> > Connected to sfconsulate.gov.to.
> > Escape character is '^]'.
> > 220 colo.to SMTP ready, Who are you gonna pretend to be today?
> > VRFY postmaster
> > 500 Bloody Amateur! Proper forging of mail requires recognizable SMTP commands!
> >
> > --------------------
>
> Well, beyond the cutesy error messages, at least relaying is turned off.
>
> fz(alexk):[~] telnet sfconsulate.gov.to 25
> Trying 209.24.51.169...
> Connected to sfconsulate.gov.to.
> Escape character is '^]'.
> 220 colo.to SMTP ready, Who are you gonna pretend to be today?
> helo tugger.net
> 250 colo.to Is thrilled beyond bladder control to meet tugger.net
> mail from: al...@tugger.net
> 250 sender is al...@tugger.net, (yeah sure, it's probably forged)
> rcpt to: al...@freetld.net
> 550 NOPE UNKNOWN(204.168.18.98), I don't allow unauthorized relaying.
>
>
> >
> > Viewing the web page for the Tongan Consulate in the US
> > (http://sfconsulate.gov.to) reveals nothing but an ad for a software
> > company, this page ends with:
> >
> > Need a domain name? Contact the Kingdom of Tonga Internet domain name
> > registry.
> >
> > --------------------
> >
> > Consequently, I assert there is no reason for this domain to exist and
> > it should be removed from the root name servers.
> >
> >
> > --
> > -Barry Shein
> >
> > Software Tool & Die | b...@world.std.com | http://www.world.com
> > Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD
> > The World | Public Access Internet | Since 1989 *oo*
> > -
> > Send 'unsubscribe' in the body to 'list-r...@inet-access.net' to leave.
> > Eat sushi frequently. in...@inet-access.net is the human contact address.
> >
>
> --
> Alex Kamantauskas
> Tugger Networks
Gary R Wright
> Clearly, .COM is used for criminal and malicious activities.
> I propose that we remove it due to abuse.
This points out the legal ambiguity of the global top-level domains.
At least with the .to domain it is clear who is responsible for
the domain. With .com, .net, etc. the name space crosses legal
boundaries inviting all sorts of legal confusion. The legal
situation could be clarified considerably if the gtld's were moved
under the country code domains.
Certainly the legal confusion surrounding the gtld's shouldn't
be used as a rational for not developing a process (which is
what Barry suggested) for attending to problems associated with
the country code domains.
John Harkin
a shoot first, ask questions later policy about spam. Here's a quote from
their FAQ page.
>Tonic feels very strongly that the sending of unsolicited bulk email or
>excessive Usenet posting
>("spamming") constitutes theft of service, and we do not condone the use
>of .TO domain names for this
>purpose.
>
>If we receive complaints that a .TO domain name has been used for this
>purpose, we will advise the
>domain owner of the complaint and request that they desist from this
>activity. Tonic reserves the right to
>remove any .TO name registration if a name is used as a source of spam, or
>an address to which to reply
>to such bulk mail solicitations. We will also publish the names and
>contact information for any accounts
>terminated for such a reason.
John
--
John Harkin
Internet Network and Systems Consulting
j...@harkin.net voice: 415-472-2452 fax: 415-472-2454
Steven J. Sobol
> Hmmm... I'm not accustomed to _either_ of them being idiotic. Karl is
> often loudmouthed and opinionated, but I usually understand where he's
> coming from if I don't agree.
IMHO, Karl has said his share of foolish things. (Which is not to say I
never agree with him)
However, if I was to give Barry the KD award, it would be due to Barry's
hard-headedness and inability to acknowledge that maybe he's wrong and others
are right. Those are both traits that Karl has demonstrated multiple times.
Steven J. Sobol
> Maybe you should post a clarification that you do not feel RBL is
> the same a terriorism. That is certainly the appearance you gave.
> In all the messages in the thread posted to nanog my was the only
> replace that suggested solutions, and it was on topic.
Done. Yes, when I mentioned the T-word, I was not refering to the RBL. The
RBL is voluntary and allows people to deny others access to THEIR OWN
machines. It has nothing to do with people trying to deny others access to
machines the perpetrators do NOT own - that is what I take issue with.
> Your accusations of terrorism, stupidity and your pity are not
> needed on Nanog, perhaps on other mailing lists such comments are
> reasonable.
I see absolutely no call for you to be advocating denial of service attacks
anywhere - and ESPECIALLY not on NANOG, where everyone *knows better anyhow*.
The knife cuts both ways.
I hope no one using an nstc.com account, or an account at my upstream,
ever even comes close to getting you upset because it sounds like in a
situation like that, you would advocate a DoS attack against the network
involved. I'm sorry, but I am not retracting my statement that that IS
terrorism, and there is absolutely no call for it, and if you commit a DoS
attack you deserve whatever sanctions you get hit with, either by your
upstream or the law.
Period.
Roeland M.J. Meyer
>On Wed, Sep 30, 1998 at 05:22:57PM -0400, Barry Shein wrote:
>
>> If .com were used, for example, only for Slobbovian Universities, were
>> being managed by one to the exclusion of other uses, etc, then perhaps
>> it would be a good reason to consider decommissioning .com.
>>
>> And if the .to domain is not in any way being used as a TLD for the
>> Kingdom of Tonga, but instead is being used only as a safe harbor for
>> what appear to be malicious activities, then perhaps it should be
>> decommissioned.
>>
>> Is that simple enough?
>
>I've already given you one example of a domain not used for porn.
>
>Here's another one: bounce.to, another redirection service.
>
>I'm sure I can find others.
>
>Of course, according to you, the TLD is rogue unless there are absolutely
>no bad apples.
>
>By this logic, I can argue for UUNet to turn off their circuit to you
>if I have solid proof of *ONE* of your customers spamming.
>
>Yes, I know, your argument is that a majority of the domains are porn
>domains (not that that, in itself, is hard evidence of criminal activity)
>and are used to spam. Prove "a majority."
Actually, by his argument, the entire country of the Netherlands should be
arrested becasue the allow legal prostitution, a criminal activity in
"white bread" New Hampshire.
___________________________________________________
Roeland M.J. Meyer, ISOC (InterNIC RM993)
e-mail: <mailto:rme...@mhsc.com>rme...@mhsc.com
Internet phone: hawk.mhsc.com
Personal web pages: <http://www.mhsc.com/~rmeyer>www.mhsc.com/~rmeyer
Company web-site: <http://www.mhsc.com/>www.mhsc.com/
___________________________________________
I bet the human brain is a kludge.
-- Marvin Minsky
Roeland M.J. Meyer
>On Wed, Sep 30, 1998 at 05:16:50PM -0400, Barry Shein wrote:
>> But as part of the whole picture, that Tonga's domain seems to be used
>> as nothing but a "safe harbor" for porn sites engaged in criminal
>> activity and even their own supposed govt consulate comes up as an ad
>> for a software company etc, it would seem to indicate that this
>> domain, .to, is not being used as a legitimate country TLD, is not
>> being managed by the people it was assigned to for the purpose it was
>> assigned, etc.
>
>This raises a qustion I was hoping we could avoid for quite a long
>time:
>
>Who is in a position of authority to pass judgement on whether the
>assigned authority over the .to top-level domain should "be allowed" to
>register such people in it's domain? Is there a policy on the root
>domain? Who enforces this? Who owns it?
There isn't one, there shouldn't be one, and I will resist any attempts to
put one there.
scott w
It is serving as their entry into the *global* e-marketplace. Ever
tripped over something you didn't know was there?
> So, to spell it out, the question is not whether or not there are
> non-porn sites in the .to domain. The question is whether or not there
> are any Tongan activities in the Tongan domain? Since the US Consulate
> of the Kingdom of Tonga isn't even a Tongan site one wonders just what
> purpose this domain is serving.
Jeremy Porter
I never advocated a DoS attack, as a matter of fact I specificly said I
did would not advocate it. I did say it would solve the problem.
DoS attacks are against the AUP I wrote for my company and applies
to my customers. I've terminated people for violating it.
Quote from message:
Message-Id: <1998093021...@freeside.fc.net>
From: Jeremy Porter <je...@freeside.fc.net>
...
Not that I would advocate such activity...
As far as the technical merits of this, it should be observed that
anyone unprepared to deal with DoS is foolish, and at this time
the chance of successfully prosecuting someone for a DoS attack is
very low, and from what I've been able to see in my time in
the business most of the attacks are on high profile targets.
(What sites get smurfed the most?, three letters IRC...)
I can't control what say about what I write, but the proof is in the
mail archive.
If I was the type of person you claim, you would be seeing a demand
for an apology or lawsuit. Since I'm not, I won't, and frankly
I doubt anyone that knows me would believe you anyway.
Perhaps you can say something useful, after you learn to read.
And to note: I took the personal comments off the CC lists. This individual
was the one that felt he had to post personal attacks on Nanog about
someone he apparently doesn't even know.
You make me want to puke.
---
Jeremy Porter, Freeside Communications, Inc. je...@fc.net
PO BOX 80315 Austin, Tx 78708 | 512-458-9810
http://www.fc.net
Jeremy Porter
The problem doesn't even exist it is clearly covered under other procedures.
And the TO domain as an abuse policy, Barry obivously hasn't followup up
on it in any detail, or he would have indicated otherwise (at least he is
usually very detail oriented.
---
Steven J. Sobol
> Not that I would advocate such activity...
What point was there in even bringing up DoS? Yeah, you said you don't
advocate such activity. Fine. Then don't suggest using it.
As for personal attacks, my direct comment was about the action you were
speaking of. I believe my words were to the effect that YOUR STATEMENT was
stupid, not that YOU were stupid.
Barry Shein
On September 30, 1998 at 15:14 an...@enigma.mtco.com (Andy Walden) wrote:
>
>
> I have a legit .to domain. I paid $100 for it like any .com domain,
> which of course has no porn sites.
>
> or something...
By "legit" do you mean its purpose is to operate a business or other
entity organized within the Kingdom of Tonga?
Steven J. Sobol
> Certainly the legal confusion surrounding the gtld's shouldn't
> be used as a rational for not developing a process (which is
> what Barry suggested) for attending to problems associated with
> the country code domains.
What sort of problems?
This thread originally started out as a discussion of .TO spamming
domains. Someone else had mentioned that the TLD's aren't responsible
for nuking spammers.
If you're going to make a statement like that, I think it would be useful
to first delineate what problems are supposed to be fixed by the TLD admins,
and what problems are supposed to be fixed by the admins of the subdomains.
Steven J. Sobol
> > Clearly, .COM is used for criminal and malicious activities.
> > I propose that we remove it due to abuse.
>
> This points out the legal ambiguity of the global top-level domains.
> At least with the .to domain it is clear who is responsible for
> the domain. With .com, .net, etc. the name space crosses legal
> boundaries inviting all sorts of legal confusion. The legal
> situation could be clarified considerably if the gtld's were moved
> under the country code domains.
Actually, now that I think about it, it is hard for me to come up with
a situation where you could possibly hold a TLD administrator liable for
criminal activities perpetrated by a domain registrant. I'm sure someone
else will come up with something.
Alex "Mr. Worf" Yuriev
> > I have a legit .to domain. I paid $100 for it like any .com domain,
> > which of course has no porn sites.
> >
> > or something...
>
> By "legit" do you mean its purpose is to operate a business or other
> entity organized within the Kingdom of Tonga?
No, simply legally registered.
Let me ask the same question again: "Who are you to decide what is the
legitimate business activity for the Kingdom of Tonga?"
As far as businesses go, Loral Space and Communications Ltd would be a
Bermuda corporation. Does it mean that it has to have its website in
Bermuda's TLD?
Alex
Adam D. McKenna
it came out.
This has been going on for quite a while, it's odd that you should bring it up
now. You might also want to check out http://www.nic.cc. I'm sure a host of
others will be springing up in no time.
BTW I happen to think those .to forwarder domains are ultra cool, I found
http://easy.to/remember the other day and I thought it was an exteremely good
idea...
--Adam
ad...@flounder.net
ad...@mckenna.to?? (I was thinking about it.. .nu is cheaper though :)
-----Original Message-----
From: Barry Shein <b...@world.std.com>
To: Andy Walden <an...@enigma.mtco.com>
Cc: na...@merit.edu <na...@merit.edu>
Date: Thursday, October 01, 1998 3:25 AM
Subject: Re: Is the .to (Tonga) domain completely rogue and should be removed?
On September 30, 1998 at 15:14 an...@enigma.mtco.com (Andy Walden) wrote:
>
>
> I have a legit .to domain. I paid $100 for it like any .com domain,
> which of course has no porn sites.
>
> or something...
By "legit" do you mean its purpose is to operate a business or other
entity organized within the Kingdom of Tonga?
Barry Shein
Well, I'll grant this response is much better than your initial
sarcastic remarks.
Do I want regulators involved in some of these processes? At this
point, I'm not sure, perhaps.
I do think the total inability of the community to regulate or govern
itself is, at this point, a sad fact.
--
Barry Shein
On September 30, 1998 at 18:41 sjs...@nacs.net (Steven J. Sobol) wrote:
> On Wed, Sep 30, 1998 at 05:22:57PM -0400, Barry Shein wrote:
>
> > If .com were used, for example, only for Slobbovian Universities, were
> > being managed by one to the exclusion of other uses, etc, then perhaps
> > it would be a good reason to consider decommissioning .com.
> >
> > And if the .to domain is not in any way being used as a TLD for the
> > Kingdom of Tonga, but instead is being used only as a safe harbor for
> > what appear to be malicious activities, then perhaps it should be
> > decommissioned.
> >
> > Is that simple enough?
>
> I've already given you one example of a domain not used for porn.
>
> Here's another one: bounce.to, another redirection service.
>
> I'm sure I can find others.
>
> Of course, according to you, the TLD is rogue unless there are absolutely
> no bad apples.
No, a typical method of judgement used where something won't likely be
100% one way or the other is the "preponderance of evidence".
More importantly, in the case of a gTLD, does it serve any useful
purpose for which it was issued, overall?
Since the examples you've given don't seem to me to be entities
organized within the Kingdom of Tonga, even if they're not porn
sites*, what purpose is being served by keeping .to in the root
servers?
So, to spell it out, the question is not whether or not there are
non-porn sites in the .to domain. The question is whether or not there
are any Tongan activities in the Tongan domain? Since the US Consulate
of the Kingdom of Tonga isn't even a Tongan site one wonders just what
purpose this domain is serving.
* Porn per se was never the touchstone issue. It just so happened that
the malicious activity was in promotion of a porn site, and looking at
their SLDs seemed to indicate that an unusually high percentage of
them were porn sites. And, one suspects, probably not porn sites
organized as business entities within the Kingdom of Tonga.
Barry Shein
Totally unfamiliar with it? You mean, for example, that people in the
FCC are totally unfamiliar with, say, telephony? Or that they're all
ten year olds?
People who work for the FAA know something about air traffic issues
and aren't ten year olds. People who work for CDC know something about
epidemiology and aren't ten year olds. Etc.
Such regulatory agencies always employ people knowledgeable in the
technical aspects of the subject.
What's peculiarly missing in the internet realm is much anyone with
any skills in building processes by which decision-making and review
of policies can occur.
That's why, I assume, raising any policy or resource issue is
generally met with a flood of sarcastic remarks, non-sequitars, and in
particular a total lack of process by which to address such an
issue. It's completely missing.
You may believe that the above regulatory bodies are less than
perfect. But what you can't do is assert that what goes on in their
stead on the net works any better.
Barry Shein
On October 1, 1998 at 02:32 al...@netaxs.com (Alex Yuriev) wrote:
> > >
> > > I have a legit .to domain. I paid $100 for it like any .com domain,
> > > which of course has no porn sites.
> > >
> > > or something...
> >
> > By "legit" do you mean its purpose is to operate a business or other
>
> No, simply legally registered.
In high school some upper-class students would sell incoming freshman
swimming pool passes. Unfortunately, our high school had no swimming
pool. But I guess if they paid for them they were "legitimate" pool
passes.
> Let me ask the same question again: "Who are you to decide what is the
> legitimate business activity for the Kingdom of Tonga?"
If it were solely up to me I wouldn't have to sound this issue out in
public.
> As far as businesses go, Loral Space and Communications Ltd would be a
> Bermuda corporation. Does it mean that it has to have its website in
> Bermuda's TLD?
No. It means it would be peculiar if it had its domain in the Kingdom
of Tonga's TLD.
However, you have the logic backwards.
The question isn't so much "does there exist any non-criminal SLD in
the .to TLD". The question is: Does there exist any legitimate purpose
for the .to TLD? Such as serving the Kingdom of Tonga or entities
organized in the Kingdom of Tonga in any way? Or is it just rogue?
Barry Shein
On October 1, 1998 at 02:14 sjs...@nacs.net (Steven J. Sobol) wrote:
> Actually, now that I think about it, it is hard for me to come up with
> a situation where you could possibly hold a TLD administrator liable for
> criminal activities perpetrated by a domain registrant. I'm sure someone
> else will come up with something.
The specific question was whether or not the .to domain serves any
useful purpose (such as a TLD for the Kingdom of Tonga) -- is there
any reason to maintain it in the root servers?
jpr...@ma.ultranet.com
> The specific question was whether or not the .to domain serves any
> useful purpose (such as a TLD for the Kingdom of Tonga) -- is there
> any reason to maintain it in the root servers?
It is Yet Another ISO CC TLD that is being whored out - since domains
became commodities, ISO CCs are now "national resources". Who has a
crystal ball shiny enough to see which (small) country decides to change
its name to get a "better" ISO CC? And how far out that will be?
Another lovely spin-off of pushing the mess up towards the root of
the tree, instead of down to the leaves with further specifity.
"My own opinion, etc etc disclaim disclaim"
--
Joe Provo, Network Architect 508.229.8400 x3006
Commercial Internet Services Group Fax 508.229.2375
UltraNet Communications, Inc., an RCN Company <jpr...@ultra.net>
Steven J. Sobol
> No, a typical method of judgement used where something won't likely be
> 100% one way or the other is the "preponderance of evidence".
Agreed, and I don't think you have that, either!
> More importantly, in the case of a gTLD, does it serve any useful
> purpose for which it was issued, overall?
>
> Since the examples you've given don't seem to me to be entities
> organized within the Kingdom of Tonga, even if they're not porn
> sites*, what purpose is being served by keeping .to in the root
> servers?
It's already been pointed out that there IS no one-to-one mapping of
domain names to geographical areas. What's your point?
> * Porn per se was never the touchstone issue
OK - I am glad we agree on this.
Steven J. Sobol
>
> On October 1, 1998 at 02:14 sjs...@nacs.net (Steven J. Sobol) wrote:
> > Actually, now that I think about it, it is hard for me to come up with
> > a situation where you could possibly hold a TLD administrator liable for
> > criminal activities perpetrated by a domain registrant. I'm sure someone
> > else will come up with something.
>
> useful purpose (such as a TLD for the Kingdom of Tonga) -- is there
> any reason to maintain it in the root servers?
That question has been addressed by a number of people already.
You also brought up the issue of "criminal" activity.
Mikolaj J. Habryn
SJS> Here's another one: bounce.to, another redirection service.
SJS> I'm sure I can find others.
Allow me to assist.
Is the cause of the complaint that there are non-Tongan porn sites
with .to domains? Would it make you happier if the porn sites in .to
were exclusively Tongan? Perhaps you disagree with porn sites in
general? There's better targets to aim at if so. 'sides, there's
better candidates for extinction on aesthetic grounds. There's a bar
in the Cook Islands that has an email address of - I am not making
this up ((c) Dave Barry) - dr...@ronnies.co.ck. Aren't you glad the
Cook Islands aren't selling commercial subdomains to everyone?
m.
PS: No, I don't know what they were thinking either.
Andy Walden
contracted the std.com domain. Network abuse needs to be handled on the
provider/upstream level. Leave the registries alone as they have enough
problems as it is.
Sincerely,
Andy Walden
System Administrator
MTCO Communications
1-800-859-6826
On Thu, 1 Oct 1998, Barry Shein wrote:
>
> On September 30, 1998 at 15:14 an...@enigma.mtco.com (Andy Walden) wrote:
> >
> >
> > I have a legit .to domain. I paid $100 for it like any .com domain,
> > which of course has no porn sites.
> >
> > or something...
>
> By "legit" do you mean its purpose is to operate a business or other
> entity organized within the Kingdom of Tonga?
Eric Gullichsen
Mr. Shein:
I am the hostmaster and Administrative, Technical and Zone Contact at Tonic, the top level domain name registration authority for the .TO country code. (http://rs.internic.net/cgi-bin/whois?to5-dom).
Since June 1997, our automated domain name registry at http://www.tonic.to has been facilitating the registration of .TO names as a service to the global Internet community. (Neither Tonic nor IANA policy requires the registered owner of a .TO name to be physically situated in the Kingdom of Tonga.)
>We've been having increasing problems with one or more porn sites in the
>.to domain promoting itself by massive spamming of
>AOL customers using one of our domains in their From: header thus causing
>both complaints to us and thousands of bounces
>from AOL due to bad AOL addresses in their spam lists.
We are sorry to hear that you have been having problem with SPAM involving a .TO domain, and wish to draw your attention to the fact that .TO is the *only* top level domain we know of with an explicit antispam policy. We at Tonic feel strongly about spam, and believe it to be theft of service, and a very bad thing for the net in general.
It is our policy to terminate the registration of a domain name involved in spam, after warning the domain name holder to cease unsolicited bulk mailings that involve a .TO name.
>From our FAQ (at http://www.tonic.to/faq.htm):
Q: I'm a spammer. Is a .TO domain something I should use?
Tonic feels very strongly that the sending of unsolicited bulk email ("spamming") constitutes theft of service, and we do not condone the
use of .TO domain names for this purpose.
If we receive complaints that a .TO domain name has been used for this purpose, we will advise the domain owner of the complaint and
request that they desist from this activity. Tonic reserves the right
to remove any .TO name registration if a name is used as a source of spam,
or an address to which to reply to such bulk mail solicitations
We have had to delete a number of .TO domains for egregious SPAM and will continue to do so in the cases where a stern warning fails to solve the problem. Please send a copy of any SPAM involving a .TO domain name to: hostm...@tonic.to and we will warn the spammer and/or terminate the domain name registration.
>Looking at the .to domain I can't help but notice it's heavily laden with
>what appear to be porn sites (sexonline.to, come.to,
>xxxhardcore.to, etc.)
The .COM domain is no less "heavily laden" with porn sites. You will note that sexonline.com and xxxhardcore.com are names registered with the InterNIC. The come.to site is a free web redirection site supporting more than 100,000 customers. Furthermore, Tonic is a domain name registry, not a content censor.
>In support of this assertion I want to show you an SMTP conversation with
>what claims to be the Consulate of the
>Government of Tonga in San Francisco (This San Francisco office is listed
>as an official Tongan contact point for visas etc by
>the US State Dept):
>
>world% telnet sfconsulate.gov.to 25
>
>Trying 209.24.51.169...
>Connected to sfconsulate.gov.to.
>Escape character is '^]'.
>220 colo.to SMTP ready, Who are you gonna pretend to be today? VRFY
postmaster
>500 Bloody Amateur! Proper forging of mail requires recognizable SMTP
>commands!
The primary nameserver for .TO is physically located at the Consulate of Tonga in San Francisco. On all our machines, we run the Obtuse smtpd/smtpfwdd SMTP store and forward proxy (http://www.obtuse.com/smtpd.html) to secure our port 25 and thereby prevent third party mail relaying, so our server cannot itself be used
as a spam relay.
Your reasoning as to why its responses to incorrect SMTP commands constitutes
evidence that the .TO domain is "negligent", "mismanaged" and "an attractive resource for criminal activities" is ironically incorrect. In fact, having an *unsecured* port 25 open to mail relaying would be negligent.
[Our thanks to the many participants in this thread who have presented views balancing those of Barry Shein.]
Best regards,
- Eric Gullichsen
Tonic Corporation
Kingdom of Tonga Network Information Center
http://www.tonic.to
Email: egul...@tonic.to
-----
See the original message at http://www.egroups.com/list/nanog/?start=1308
--
Free e-mail group hosting at http://www.eGroups.com/
John Harkin
>So, to spell it out, the question is not whether or not there are
>non-porn sites in the .to domain. The question is whether or not there
>are any Tongan activities in the Tongan domain? Since the US Consulate
>of the Kingdom of Tonga isn't even a Tongan site one wonders just what
>purpose this domain is serving.
The Tongan consulate in SF *is* Tongan territory, not US. Seems like a
good place to keep a server to keep its traffic off the satellite to me.
Cable and Wireless runs the Internet connection to the islands and their
sites and their customers are in TO. See candw.to.
Gary R Wright
> > Certainly the legal confusion surrounding the gtld's shouldn't
> > be used as a rational for not developing a process (which is
> > what Barry suggested) for attending to problems associated with
> > the country code domains.
>
> What sort of problems?
Trademark/service mark conflicts come to mind. But in general I
would say one function of a legal system is to mediate disputes.
Barry raised an issue (valid or not, take your pick) and asked if
we should have a system by which disputes related to Internet
facilities (such as domain name space) could be handled.
To be more specific, an entity utilizing the .TO domain name was
misrepresenting themselves using Barry's domain in .COM. Now
perhaps if Barry's domain was world.std.com.US he would have a more
obvious legal process by which he could defend his use of
world.std.com.US because it would clearly be within the name space
assigned to the United States.
I pointed out that with .TO the legal issue was somewhat clearer
than with .COM because .TO is assigned to a legal entity whereas
the legal context of .COM is ambiguous. This makes it difficult
for Barry to pursue any legal action and it also make it easier
for unscrupulous folks to use domains fraudulently (because it is
hard to challenge them in a legal context). Of course it works
the other way also, if someone from the Kingdom of Tonga were to
read this thread and decide they *didn't* want to register spam
and porn havens then perhaps it would be a good thing if that
government (i.e., registry) had the authority to say who was in
and who was out of the .TO domain.
One reason why it is so discomforting to have the Internic make
policy decisions regarding domain registrations in .com is that
there is no legal entity that is clearly responsible for the gtld's.
I don't see too many people shouting across international borders
about how the .uk domain is managed but I'm reasonably sure if
there is a shouting match going on within their borders they probably
have a legal process that can be used to mediate the disputes--something
that doesn't seem to exist regarding the Internic and the gtld's.
> If you're going to make a statement like that, I think it would be useful
> to first delineate what problems are supposed to be fixed by the TLD admins,
> and what problems are supposed to be fixed by the admins of the subdomains.
I don't think it is necessary to have an enumerated list of potential
and/or demonstrated problems as a prerequisite to developing a
process for resolving disputes.
All other things being equal, a naming system that facilitates
problem resolution is better than a naming system that creates
problems to be resolved.
Patrick Greenwell
> We are sorry to hear that you have been having problem with SPAM involving a
>.TO domain, and wish to draw your attention to the fact that .TO is the
>*only* top level domain we know of with an explicit antispam policy.
Nope. Both .NU and .CC do as well off the top of my head.
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Patrick Greenwell (800) 299-1288 v
CTO (925) 377-1212 v
NameSecure (925) 377-1414 f
Coming to the ISPF? The Forum for ISPs by ISPs http://www.ispf.com
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
J.D. Falk
> The question isn't so much "does there exist any non-criminal SLD in
> the .to TLD". The question is: Does there exist any legitimate purpose
> for the .to TLD? Such as serving the Kingdom of Tonga or entities
> organized in the Kingdom of Tonga in any way? Or is it just rogue?
Who are we to decide? I think it's up to the Kingdom of Tonga,
not a nearly-random group of network engineers. But as always,
you are quite welcome to configure your nameservers to ignore
.TO domains.
--
J.D. Falk <jdf...@cp.net> Have you hugged your backups today?
Special Agent In Charge (Abuse Issues)
Critical Path, Inc.
------ Critical Path is hiring in all departments! ------
Nathan J. Mehl
>
> The specific question was whether or not the .to domain serves any
> useful purpose (such as a TLD for the Kingdom of Tonga) -- is there
> any reason to maintain it in the root servers?
Is the Kingdom of Tonga a recognized nation-state? Does it have an ISO
country code assigned to it? Is the general policy of the root servers
to host NS records for any ISO country-code domain legitmately operated
by an entity within that country?
QED...
Barry, this seems sort of silly. They have a stated abuse policy. You
have evidence that one of their registrants is operating in contravention
to that policy. What on earth is preventing you from making the obvious
phone call?
For what it's worth, I suspect that we will see a similar effect any
time a new domain with a liberal registration policy comes online.
People will flock to it, and among those people will be some bad actors.
For a while, it'll be particularly visible, until the spammers and suchlike
figure out that a different domain name doesn't shield them from anything,
then it'll fade into the background -- just another TLD. Rinse and
repeat.
-n
------------------------------------------------------------<mem...@blank.org>
And by / the phone / I live / in fear.
Sheer chance / will draw / you in / to here. (--Soul Coughing)
<http://www.blank.org/memory/>------------------------------------------------
Peter Stemwedel
>Kingdom of Tonga, but instead is being used only as a safe harbor for
>what appear to be malicious activities, then perhaps it should be
>decommissioned.
Like ending phrases and sentences in prepositions?
Peter Stemwedel
Network Engineer
InterAccess Co. pe...@interaccess.com
168 N. Clinton (312) 496-4694 Office
Chicago, IL 60661 (312) 496-4499 FAX
Aaron Goldblatt
>primarily malicious and abusive.
So, feel free to filter any IPs you see coming to Software Tool and Die's
routers that reverse to a .to domain. Fire up your procmail filters.
But I have legitimate business with a client who is registered in the .to
TLD. Where he got that registration from really is none of my business,
from a strictly operational standpoint. My job is to make sure that my
customers can talk to him if they want/need to.
Deactivating his TLD just 'cause one guy is getting spammed by them is ...
well ... silly? I guess that means we should revoke AOL's SLD, and
Hotmail's SLD, and Yahoo's SLD ... I get spam from them -all-the-time-.
ag
J.D. Falk
> You may believe that the above regulatory bodies are less than
> perfect. But what you can't do is assert that what goes on in their
> stead on the net works any better.
Get involved, then! Bitching about stuff on NANOG doesn't help,
as you've seen, so I really can't understand why you continue to
do so. If there's such an obvious gap, fill it!
Personally, I don't think the gap is nearly as bad as you think;
however, I'm involved with or on the edges of a number of groups
that are quite active in some of the areas you seem to feel are
missing from the Internet industry.
Of course, this is /way/ off of the inflammatory topic that you
started this thread with, so I'll save my prosyltizing(sp?) for
some future event.
Barry Shein
On October 1, 1998 at 01:37 j...@harkin.net (John Harkin) wrote:
> At 12:22 AM -0700 10/1/98, Barry Shein wrote:
> >So, to spell it out, the question is not whether or not there are
> >non-porn sites in the .to domain. The question is whether or not there
> >are any Tongan activities in the Tongan domain? Since the US Consulate
> >of the Kingdom of Tonga isn't even a Tongan site one wonders just what
> >purpose this domain is serving.
>
> The Tongan consulate in SF *is* Tongan territory, not US. Seems like a
> good place to keep a server to keep its traffic off the satellite to me.
The server with the tongan consulate net address appears to be a web
server for some software company and has nothing to do with Tonga as
far as I can tell.
Is it located at the Tongan consulate?
Chris Kilbourn
> On September 30, 1998 at 17:26 agl...@goldblatt.net (Aaron Goldblatt) wrote:
> > >I think it's beginning to become obvious, to me anyhow, that any claim
> > >that the internet is better regulated by those who are involved in its
> > >engineering is a total failure as a concept.
> >
> > You're therefore suggesting that the Internet is better regulated by those
> > who are totally unfamiliar with it. Or, in other words, you want your
> > heart transplant performed by a 10-year-old.
>
> People who work for the FAA know something about air traffic issues
> and aren't ten year olds. People who work for CDC know something about
> epidemiology and aren't ten year olds. Etc.
>
> Such regulatory agencies always employ people knowledgeable in the
> technical aspects of the subject.
Knowledgeable people != good policy makers
Knowledgeable people != good decisions about regulatory issues
Knowledgeable people != people you can trust
> What's peculiarly missing in the internet realm is much anyone with
> any skills in building processes by which decision-making and review
> of policies can occur.
So the IANA and IETF have been doing what for the past several years?
> That's why, I assume, raising any policy or resource issue is
> generally met with a flood of sarcastic remarks, non-sequitars, and in
> particular a total lack of process by which to address such an
> issue. It's completely missing.
I believe your assumption is incorrect. The issues involved
are control and the power to change things. Is it all that surprising
that people get a wee bit wound up over that? When you propose that
policy should be made by some regulatory agency instead of by consensus,
what do you expect? What you are proposing is nothing short of asking us
to abdicate power.
> You may believe that the above regulatory bodies are less than
> perfect. But what you can't do is assert that what goes on in their
> stead on the net works any better.
Why not? I can still pass a packet from one end to the other, and if
I can't, I can buy transit to do so. Fundamentally, that's all the
Internet needs to do. If that wasn't happening, or I couldn't buy
transit to do so, then I might be a little warmer to your ideas. As
it stands, I will vigorously oppose your desire to hand our collective
power of policy making to another entity just because they _might_ do
a better job than us.
Regards,
Chris
____________________________________________________________________
Chris Kilbourn System Administrator digital.forest
ki...@forest.net 425.483.0483 http://www.forest.net
Macintosh Internet Services Since 1994.
Aaron Goldblatt
>the .to TLD". The question is: Does there exist any legitimate purpose
>for the .to TLD? Such as serving the Kingdom of Tonga or entities
>organized in the Kingdom of Tonga in any way? Or is it just rogue?
That's for the owners of the TLD to decide, isn't it? Who are you or I to
determine what is and is not in the interests of the Kingdom of Tonga? For
example, can you tell me with absolute certainty that the porn sites you're
complaining about aren't in fact funded and operated by the government,
with the profits of these operations going into government coffers? Just
'cause that kind of thing is incomprehensible in the United States doesn't
mean that it can't, or even shouldn't, happen.
ag
Aaron Goldblatt
> > who are totally unfamiliar with it. Or, in other words, you want your
> > heart transplant performed by a 10-year-old.
>FCC are totally unfamiliar with, say, telephony? Or that they're all
>ten year olds?
Previous attempts by government entities to regulate the Internet have been
characterized by a total unfamiliarity with the medium. I have no reason
to believe that any future attempt to regulate the Internet will be marked
by any more competence than I've seen thus far.
>Such regulatory agencies always employ people knowledgeable in the
>technical aspects of the subject.
You're not asking for regulation based on technical aspects of the
Internet, though. You're asking for regulation based on someone offending
your social sensibilities. That's entirely different.
>That's why, I assume, raising any policy or resource issue is
>generally met with a flood of sarcastic remarks, non-sequitars, and in
>particular a total lack of process by which to address such an
>issue. It's completely missing.
It's completely missing mostly because of the history of the Internet, and
a resisitance on the part of the Powers That Be for creation of any central
authority. Inasmuch as I'm a vocal member of the Peanut Gallery, I would
participate in that resistance.
>You may believe that the above regulatory bodies are less than
>perfect. But what you can't do is assert that what goes on in their
>stead on the net works any better.
Actually, I would suggest that it does. The system that we have today is
free from government interference, which encourages effeciency and
creativity. Encouraging government regulation because you're personally
offended is ... well ... stupid.
ag
John Harkin
>The server with the tongan consulate net address appears to be a web
>server for some software company and has nothing to do with Tonga as
>far as I can tell.
>
>Is it located at the Tongan consulate?
I just looked at http://sfconsulate.gov.to/ and it is clearly about the
Kingdom. I'm not sure what you saw.
My info about that server is old, it appears instead of being at the end of
a 56k line at the consulate, it is now at one of Best's colo facilities.
The primary nameserver for TO, tonic.to, is still at the consulate.
Aaron Goldblatt
>server for some software company and has nothing to do with Tonga as
>far as I can tell. Is it located at the Tongan consulate?
Why is this your business? Are you responsible for policing the .to TLD,
or are you responsible for administering the network at the Tongan San
Francisco Consulate?
If the answer is no to both of the above (and I suspect it is), get off it.
ag
Barry Shein
On October 1, 1998 at 11:08 sjs...@nacs.net (Steven J. Sobol) wrote:
> On Thu, Oct 01, 1998 at 03:22:55AM -0400, Barry Shein wrote:
>
> > No, a typical method of judgement used where something won't likely be
> > 100% one way or the other is the "preponderance of evidence".
>
> Agreed, and I don't think you have that, either!
That's nice, but lacking any review process you're just twiddling bits
in public (and so am I, not my point.)
> > More importantly, in the case of a gTLD, does it serve any useful
> > purpose for which it was issued, overall?
> >
> > Since the examples you've given don't seem to me to be entities
> > organized within the Kingdom of Tonga, even if they're not porn
> > sites*, what purpose is being served by keeping .to in the root
> > servers?
>
> It's already been pointed out that there IS no one-to-one mapping of
> domain names to geographical areas. What's your point?
Please. There may be no one-to-one mapping, but surely there is some
reason we adopted the ISO two-letter codes as TLDs.
Why must these discussions always devolve into nihilism?
> > * Porn per se was never the touchstone issue
>
> OK - I am glad we agree on this.
>
> --
>
> Anyone who spams me will be subject to torture by Jake,
> my killer attack hedgehog, and/or Lizzy and Junior, my man-eating iguanas.
--
Barry Shein
On October 1, 1998 at 11:09 mem...@blank.org (Nathan J. Mehl) wrote:
> Barry, this seems sort of silly. They have a stated abuse policy. You
> have evidence that one of their registrants is operating in contravention
> to that policy. What on earth is preventing you from making the obvious
> phone call?
Gosh that sounds so good Nathan.
Unfortunately, as of right this minute, 10/1 at 2:20PM EDT, these porn
domain forgers are back on the Tonga site and spamming away again
forging our domain name into their spams.
Something is very, very wrong with the Tongan domain and its
management. They're not removing criminal domain-hijacking spammers,
they're just letting them change their name as far as I can tell.
Barry Shein
With all due respect, I think your management of the .to domain is a
hazard to the internet and should be ceased immediately. By your gross
negligence you are providing safe haven to criminals.
As of this minute, about 2:30PM EDT 10/1/98, the domain-hijacker
spammers have a web address in the .to domain and are
spamming/domain-forging to advertise this, as they have been
doing for weeks.
-Barry Shein
Software Tool & Die | b...@world.std.com | http://www.world.com
Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD
The World | Public Access Internet | Since 1989 *oo*
scott w
It has been changed within the duration of this monster thread.
Barry Shein
On October 1, 1998 at 01:28 an...@enigma.mtco.com (Andy Walden) wrote:
> "legit" in I paid $100 for a service, the same as you did when you
that doesn't make it legit, that just might mean you're out $100.
> contracted the std.com domain. Network abuse needs to be handled on the
No, I registered std.com as a commercial site in the commercial TLD.
And your connection to the Kingdom of Tonga is...?
> provider/upstream level. Leave the registries alone as they have enough
> problems as it is.
I think your opinion might be colored by the possibility of your being
out $100 if the .to domain is decommissioned.
--
Barry Shein
On October 1, 1998 at 10:26 agl...@goldblatt.net (Aaron Goldblatt) wrote:
> >But we can cut off our half of the connection if we feel it is
> >primarily malicious and abusive.
>
> So, feel free to filter any IPs you see coming to Software Tool and Die's
> routers that reverse to a .to domain. Fire up your procmail filters.
>
> But I have legitimate business with a client who is registered in the .to
> TLD. Where he got that registration from really is none of my business,
> from a strictly operational standpoint. My job is to make sure that my
> customers can talk to him if they want/need to.
>
> Deactivating his TLD just 'cause one guy is getting spammed by them is ...
That was never the complaint. Are you being willfully ignorant or does
it just come naturally?
> well ... silly? I guess that means we should revoke AOL's SLD, and
> Hotmail's SLD, and Yahoo's SLD ... I get spam from them -all-the-time-.
>
> ag
--
J.D. Falk
> On 1 Oct 1998, Eric Gullichsen wrote:
>
> > We are sorry to hear that you have been having problem with SPAM involving a
> >.TO domain, and wish to draw your attention to the fact that .TO is the
> >*only* top level domain we know of with an explicit antispam policy.
>
> Nope. Both .NU and .CC do as well off the top of my head.
IIRC, TOnic was the first.
kbr...@teamhuber.com
Barry Shein <b...@world.std.com> on 10/01/98 01:41:18 PM
To: Aaron Goldblatt <agl...@goldblatt.net>
cc: na...@merit.edu (bcc: Kevin Brown/Teamhuber)
Subject: Re: Is the .to (Tonga) domain completely rogue and should be
removed?
That was never the complaint. Are you being willfully ignorant or does
it just come naturally?
--
-Barry Shein
ManOMan.. this is the exact same thought I was having about your behavior
Barry. Take your crank elsewhere...I think the overwhelming populace of
this list are absolutely tired of your willfully ignorant behavior and
obvious social shortcomings. Seek help Barry, Seek it away from Nanog.
STOP THIS THREAD. If you think you have a problem with .TO call the phone
number, lodge a complaint with them, but please don't use NANOG as your
"Party-Line Phone System." That technology went away (mostly) long
ago...please take yourself with it.
I suspect a former Tongan friend of yours has done you wrong, and now you
are lashing out publically for it...they have a name for this Barry...
displacement of anger. Please...displace yourself elsewhere...
Must I go on? or can someone completely remove the rogue user Barry? Seems
as if his postings are becoming a new "spam" of sorts... personal
enlightenment at the cost of others, and their bandwidth.
Someone get a Binky for Barry.
Barry Shein
On October 1, 1998 at 11:50 agl...@goldblatt.net (Aaron Goldblatt) wrote:
> Previous attempts by government entities to regulate the Internet have been
> characterized by a total unfamiliarity with the medium. I have no reason
> to believe that any future attempt to regulate the Internet will be marked
> by any more competence than I've seen thus far.
Which of course begs the question as to whether or not it will be
better than the current situation.
As the expression goes, even a bad plan is better than no plan at all.
Barry Shein
Apparently it's been changed in the past 24 hours, probably as a
result of this discussion.
I'm sure others here checked it out and found what I found, ads for a
software company, you're the first one to report otherwise (and yes
right now it does seem to suddenly say something about Tonga.)
I smell something fishy going on here.
On October 1, 1998 at 11:02 j...@harkin.net (John Harkin) wrote:
> At 10:23 AM -0700 10/1/98, Barry Shein wrote:
> >The server with the tongan consulate net address appears to be a web
> >server for some software company and has nothing to do with Tonga as
> >far as I can tell.
> >
> >Is it located at the Tongan consulate?
>
> I just looked at http://sfconsulate.gov.to/ and it is clearly about the
> Kingdom. I'm not sure what you saw.
>
Barry Shein
Has Aaron read a word of this discussion? How can he reply over and
over and not have understood a word of it.
As of last time I checked, around 2:30PM EDT 10/1/98, the porn site
involved in spamming and domain hijacking etc had an operational
address within the .to name space, and they continue to spam and
hijack/forge, the bounces and complaints are still coming in.
On October 1, 1998 at 13:00 agl...@goldblatt.net (Aaron Goldblatt) wrote:
> >The server with the tongan consulate net address appears to be a web
> >server for some software company and has nothing to do with Tonga as
> >far as I can tell. Is it located at the Tongan consulate?
>
> Why is this your business? Are you responsible for policing the .to TLD,
> or are you responsible for administering the network at the Tongan San
> Francisco Consulate?
>
> If the answer is no to both of the above (and I suspect it is), get off it.
>
> ag
--
Barry Shein
Bingo!
Now what do people have to say about my claim that some sort of active
fraud appears to be going on?
On October 1, 1998 at 08:29 sc...@digisle.net (scott w.) wrote:
>
>
> It has been changed within the duration of this monster thread.
>
>
> On Thu, 1 Oct 1998, John Harkin wrote:
>
> > I just looked at http://sfconsulate.gov.to/ and it is clearly about the
> > Kingdom. I'm not sure what you saw.
--
Barry Shein
You know, Mr Gullichsen, you can answer every complaint you get with
"why didn't you tell us this before!", but it's not fooling anyone.
So why was the Consulate's web page changed from an advertisement for
a software company to something having to do with the Kingdom of Tonga
in the past couple of hours?
-b
On October 2, 1998 at 07:50 egul...@tonic.to (Eric Gullichsen) wrote:
>
> Mr. Shein:
>
> > With all due respect, I think your management of the .to domain is a
> > hazard to the internet and should be ceased immediately. By your gross
> > negligence you are providing safe haven to criminals.
>
> I'm sorry, but your reply leaves me somewhat mystified.
>
> If you could be more specific as to what acts of "gross negligence"
> you believe Tonic is guilty of in its management of the .TO top level
> domain, we would take your opinions under serious evaluation and
> see if there are ways we could improve the operation of our registry.
>
> > As of this minute, about 2:30PM EDT 10/1/98, the domain-hijacker
> > spammers have a web address in the .to domain and are
> > spamming/domain-forging to advertise this, as they have been
> > doing for weeks.
>
> In my last posting, I brought to your attention the existence of
> our pioneering antispam policy. If you could be specific as to
> which "domain-hijacker spammers have a web address in the .to domain"
> and send a copy of the spam(s) to hostm...@tonic.to,
> we would be able to warn the domain name holders, and/or
> terminate their domain name registration if they are in repeated
> violation of our antispam policy.
>
> Regards,
Barry Shein
The question is whether or not the .to domain is being run for any
legitimate purpose (i.e., should it be maintained in the root
servers), and how that question might be reviewed, or has it been
mostly hijacked for malicious purposes?
-b
On October 1, 1998 at 11:59 kgr...@resolution.com (kgr...@resolution.com) wrote:
>
>
> > Unfortunately, as of right this minute, 10/1 at 2:20PM EDT, these porn
> > domain forgers are back on the Tonga site and spamming away again
> > forging our domain name into their spams.
>
> If this is the issue at hand, why is the topic centered on a domain
> registry that happens to resolve one of their ips? Shouldn't the issue be
> taken up with whoever is providing transport to the said sites?
>
> Perhaps this is an issue of my own lack of experience, but I don't
> understand why .to should be singled out at all. For this case, the
> miscreants could be running without any name resolution. Certainly
> everyone here is willing to acknowledge that a domain name is simply
> symbolic.
>
> I think holding the Kingdom of Tonga responsible for these spammers having
> namespace under their iso tld is just as ludicrous as holding STD
> respnisble for 'permitting' their domain name to be forged.
>
> ..kg..
>
>
> >
> > Something is very, very wrong with the Tongan domain and its
> > management. They're not removing criminal domain-hijacking spammers,
> > they're just letting them change their name as far as I can tell.
Steven J. Sobol
>
> Unfortunately, as of right this minute, 10/1 at 2:20PM EDT, these porn
> domain forgers are back on the Tonga site and spamming away again
> forging our domain name into their spams.
Barry.
Court cases have been won against spammers forging others' domains.
Suggestion: Concentrate on slamming these losers in court instead of railing
against the TLD admins.
I mean, I don't doubt you've already initiated legal action, but the
discussion we're having is counterproductive.
Stephen Sprunk
between you and TONIC about these spammers.
I'm sure that TONIC would have cut them off if you had legitimate
complaints.
Even if they didn't, they have no more *obligation* to do so than NSI
has to remove a spammer from COM or ISI has to remove a spammer from US.
The Kingdom of Tonga has made a policy decision regarding a national
asset. That is their right to do, just as it's the US's right to ruin
the scenery at Niagara Falls and other national parks by allowing
commercialization.
This is an issue between you, TONIC, and IANA. Leave NANOG out of it.
Stephen (not Cisco)
Barry Shein wrote:
>
> With all due respect, I think your management of the .to domain is a
> hazard to the internet and should be ceased immediately. By your gross
> negligence you are providing safe haven to criminals.
>
> As of this minute, about 2:30PM EDT 10/1/98, the domain-hijacker
> spammers have a web address in the .to domain and are
> spamming/domain-forging to advertise this, as they have been
> doing for weeks.
>
--
| | Stephen Sprunk, KD5DWP, CCIE #3723
:|: :|: NSA, Network Consulting Engineer
:|||: :|||: 14875 Landmark Blvd #400; Dallas, TX
.:|||||||:..:|||||||:. Pager: 800-365-4578 / 800-901-6078
C I S C O S Y S T E M S Email: ssp...@cisco.com
Stephen Sprunk
May 20, 1998, I'd bet that it was a server configuration error that has
been corrected in the last 24 hours. The images on that page don't look
like they were thrown together in response to your allegations, IMO.
It has already been stated that the sfconsulate.gov.to is located at
Best's server colocation facilities, which means it's probably on the
same box as many other web servers. Such servers often have config
problems, and that was probably brought to the attention of the folks at
Best.
I smell no fish.
Stephen (not Cisco)
Barry Shein wrote:
>
> Apparently it's been changed in the past 24 hours, probably as a
> result of this discussion.
>
> I'm sure others here checked it out and found what I found, ads for a
> software company, you're the first one to report otherwise (and yes
> right now it does seem to suddenly say something about Tonga.)
>
> I smell something fishy going on here.
>
--
Barry Shein
On October 1, 1998 at 14:46 ssp...@cisco.com (Stephen Sprunk) wrote:
> Considering that the Last-Modified time on the Tongan consulate page is
> May 20, 1998, I'd bet that it was a server configuration error that has
> been corrected in the last 24 hours. The images on that page don't look
> like they were thrown together in response to your allegations, IMO.
No, but the pointer (link) to the page may have been changed. I'm not
shocked that the page contents have existed for a while, they just
weren't visible via the consulate's address.
Although what you say is possibly true your reasoning borders on
nonsense. The page could be years old, but wasn't being pointed to as
the main page to load.
What's your interest in running such a stretch of reasoning anyhow? No
one claiming to be involved in the actual management of the page has
commented either way, thus far.
Isn't the more obvious explanation that someone changed the links in
the past few hours, as others have observed?
Why the contortions to suggest otherwise?
> It has already been stated that the sfconsulate.gov.to is located at
> Best's server colocation facilities, which means it's probably on the
> same box as many other web servers. Such servers often have config
> problems, and that was probably brought to the attention of the folks at
> Best.
>
> I smell no fish.
Sometimes even your best friends won't tell you...
> Stephen
Aaron Goldblatt
>Something is very, very wrong with the Tongan domain and its
>management. They're not removing criminal domain-hijacking spammers,
>they're just letting them change their name as far as I can tell.
Maybe because you haven't followed their abuse policy. Wow.
ag
kg
> Unfortunately, as of right this minute, 10/1 at 2:20PM EDT, these porn
> domain forgers are back on the Tonga site and spamming away again
> forging our domain name into their spams.
If this is the issue at hand, why is the topic centered on a domain
registry that happens to resolve one of their ips? Shouldn't the issue be
taken up with whoever is providing transport to the said sites?
Perhaps this is an issue of my own lack of experience, but I don't
understand why .to should be singled out at all. For this case, the
miscreants could be running without any name resolution. Certainly
everyone here is willing to acknowledge that a domain name is simply
symbolic.
I think holding the Kingdom of Tonga responsible for these spammers having
namespace under their iso tld is just as ludicrous as holding STD
respnisble for 'permitting' their domain name to be forged.
..kg..
>
> Something is very, very wrong with the Tongan domain and its
> management. They're not removing criminal domain-hijacking spammers,
> they're just letting them change their name as far as I can tell.
>
Stephen Sprunk
May 20, 1998, I'd bet that it was a server configuration error that has
been corrected in the last 24 hours. The images on that page don't look
like they were thrown together in response to your allegations, IMO.
It has already been stated that the sfconsulate.gov.to is located at
Best's server colocation facilities, which means it's probably on the
same box as many other web servers. Such servers often have config
problems, and that was probably brought to the attention of the folks at
Best.
I smell no fish.
Stephen
Nathan J. Mehl
> > Barry, this seems sort of silly. They have a stated abuse policy. You
> > to that policy. What on earth is preventing you from making the obvious
> > phone call?
>
> Gosh that sounds so good Nathan.
>
> domain forgers are back on the Tonga site and spamming away again
> forging our domain name into their spams.
Er, I take it from the "again" that you _did_ try to contact the
Tonic registry? You're being uncharactistically cagy on this point...
> Something is very, very wrong with the Tongan domain and its
> management. They're not removing criminal domain-hijacking spammers,
> they're just letting them change their name as far as I can tell.
Barry, if they're even doing so much as _that_, that's more than
Network Solutions will do to somebody "abusing" the .com domain.
I'm really mystified by your approach to this. ".to" is a TLD like
any other. Your current crop of spammers isn't "on the Tonga site"
any more than Jeff Slayton or Sanford Wallace were "on" Network
Solution's "site".
And your perception that .to is largely or entirely comprised of
spammers and scam artists is, well, a perception, and one that
doesn't seem to really line up well with the facts at hand.
Look, I understand that you're frustrated that World is under
attack and that the culprits haven't been shut down yet, but
pointing the finger at their domain registry seems strangely
counterproductive, especially when that registry is doing no
worse (and in some lights much better) than any other TLD in
dealing with abuse issues.
-n
------------------------------------------------------------<mem...@blank.org>
"Reading [James] Ellroy can be like deciphering Morse code tapped out by a
pair of barely sentient testicles." (--Dwight Garner, in _Salon_)
<http://www.blank.org/memory/>------------------------------------------------
Stephen Sprunk
between you and TONIC about these spammers.
I'm sure that TONIC would have cut them off if you had legitimate
complaints.
Even if they didn't, they have no more *obligation* to do so than NSI
has to remove a spammer from COM or ISI has to remove a spammer from US.
The Kingdom of Tonga has made a policy decision regarding a national
asset. That is their right to do, just as it's the US's right to ruin
the scenery at Niagara Falls and other national parks by allowing
commercialization.
This is an issue between you, TONIC, and IANA. Leave NANOG out of it.
Stephen (not Cisco)
Barry Shein wrote:
>
> Unfortunately, as of right this minute, 10/1 at 2:20PM EDT, these porn
> domain forgers are back on the Tonga site and spamming away again
> forging our domain name into their spams.
>
> Something is very, very wrong with the Tongan domain and its
> management. They're not removing criminal domain-hijacking spammers,
> they're just letting them change their name as far as I can tell.
>
--
Magnus Bergman
>
> This is not a review process, what good would providing any proof
> whatsoever do? Other than perhaps satisfying your personal curiosity.
That's great, then this thread can end here.
Regards //Tri
mi...@alaska.net
Barry,
As you yourself have stated, how can anyone comment on how the pages have
changed if they have not been personally involved in the management of the
website.
I don't see how you can then make claims that pointers have changed, and
at the same time blow off other speculations concerning web server
configurations, etc.
This thread is started to smell like a dead horse; please, let it die.
Mike Messick email: sysa...@alaska.net
Network Administration - Internet Alaska, Inc.
(907) 562-4189 voice (907) 562-1677 fax
1024/FBB026B9 94 6B F6 05 DA 6A C0 1E 48 19 EC 27 F7 50 B8 A7
On Thu, 1 Oct 1998, Barry Shein wrote:
>
> On October 1, 1998 at 14:46 ssp...@cisco.com (Stephen Sprunk) wrote:
> > Considering that the Last-Modified time on the Tongan consulate page is
> > May 20, 1998, I'd bet that it was a server configuration error that has
> > been corrected in the last 24 hours. The images on that page don't look
> > like they were thrown together in response to your allegations, IMO.
>
> No, but the pointer (link) to the page may have been changed. I'm not
> shocked that the page contents have existed for a while, they just
> weren't visible via the consulate's address.
>
> Although what you say is possibly true your reasoning borders on
> nonsense. The page could be years old, but wasn't being pointed to as
> the main page to load.
>
> What's your interest in running such a stretch of reasoning anyhow? No
> one claiming to be involved in the actual management of the page has
> commented either way, thus far.
>
> Isn't the more obvious explanation that someone changed the links in
> the past few hours, as others have observed?
>
> Why the contortions to suggest otherwise?
>
>
>
> > It has already been stated that the sfconsulate.gov.to is located at
> > Best's server colocation facilities, which means it's probably on the
> > same box as many other web servers. Such servers often have config
> > problems, and that was probably brought to the attention of the folks at
> > Best.
> >
> > I smell no fish.
>
> Sometimes even your best friends won't tell you...
>
> > Stephen
> >
> >
> > Barry Shein wrote:
> > >
> > > Apparently it's been changed in the past 24 hours, probably as a
> > > result of this discussion.
> > >
> > > I'm sure others here checked it out and found what I found, ads for a
> > > software company, you're the first one to report otherwise (and yes
> > > right now it does seem to suddenly say something about Tonga.)
> > >
> > > I smell something fishy going on here.
> > >
> >
Jared Mauch
person left out.
Now that it's out in the public like this, will you stop?
- jared
Roeland M.J. Meyer
WRT "Is the .to (Tonga) domain completely rogue and should be removed?"
>plonk<
This is the first filter I've had to place in NANOG. This subject is really
in the Domain-Policy area and not a part of NANOG. By definition, TO is not
in the realm of NANOG.
I note that Domain-Policy list is not even on this distro, whereas I know
for fact that you have also posted this subject there as well. Please leave
it there, that is where it properly belongs. Yes, many of us are also
subscribers to domain-policy list at the InterNIC. Actually, your remove TO
rant should go to IANA, but we both know that Postel is unresponsive to
such complaints.
Be that as it may, I rather not see this rant in NANOG any longer.
_________________________________________________
Morgan Hill Software Company, Inc.
Colorado Springs, CO - Livermore, CA - Morgan Hill,
CA
Domain Administrator
MHSC2-DOM and MHSC3-DOM
Administrative and Technical contact
____________________________________________
InterNIC Id: MHSC hostmaster (HM239-ORG)
e-mail: <mailto:hostm...@mhsc.com>mailto:hostm...@mhsc.com
web -pages: <http://www.mhsc.com/>http://www.mhsc.com/
____________________________________________
A group of politicians deciding to dump a President because his morals
are bad is like the Mafia getting together to bump off the Godfather for
not going to church on Sunday.
-- Russell Baker
J.D. Falk
> Now what do people have to say about my claim that some sort of active
> fraud appears to be going on?
As many people have already said, whether your claim is valid
or not, NANOG is not an approrpiate forum for airing it.
Jay R. Ashworth
> Would it make you happier if the porn sites in .to
> were exclusively Tongan? P
Yes.
:-)
Cheers,
-- jr 'pointers?' a
--
Jay R. Ashworth j...@baylink.com
Member of the Technical Staff "The net is safer in bad weather: you
The Suncoast Freenet can't run a backhoe
Tampa Bay, Florida in a hurricane." (after Sean Donelan) +1 813 790 7592
Managing Editor, Top Of The Key sports e-zine ------------ http://www.totk.com
Jay R. Ashworth
> hard to challenge them in a legal context). Of course it works
> the other way also, if someone from the Kingdom of Tonga were to
> read this thread and decide they *didn't* want to register spam
> and porn havens then perhaps it would be a good thing if that
> government (i.e., registry) had the authority to say who was in
> and who was out of the .TO domain.
Is anyone at all suggesting that the Kingdom _does not_ have the
authority to do that?
I believe Barry's original argument was that he didn't think they
_should_ have that authority (or, more accurately, that someone ought
to be able to override their judgement on the fact), but perhaps I
misunderstood him...
Cheers,
-- jra
Jay R. Ashworth
> No, I registered std.com as a commercial site in the commercial TLD.
> And your connection to the Kingdom of Tonga is...?
Um, Barry? Not to put too fine a point on it, but I believe the answer
to that question is "good enough for the Kingdom of Tonga", and they're
the only people to whom it _needs_ to be a good enough connection...
or _are_ you asserting that it ought to be someone else's business?
Jay R. Ashworth
> The question isn't so much "does there exist any non-criminal SLD in
> the .to TLD". The question is: Does there exist any legitimate purpose
> for the .to TLD? Such as serving the Kingdom of Tonga or entities
> organized in the Kingdom of Tonga in any way? Or is it just rogue?
Well, someone just offered to ask the king; here's what they should ask:
"Are you satisfied with the behavior of the people to whom you have
delegated the authority to manage your TLD?"
If he is... end of story.
Cheers,
-- jr 'for the _rest_ of us, anyway...' a
Barry Shein
On October 1, 1998 at 14:08 agl...@goldblatt.net (Aaron Goldblatt) wrote:
> > > Barry, this seems sort of silly. They have a stated abuse policy. You
> >Something is very, very wrong with the Tongan domain and its
> >management. They're not removing criminal domain-hijacking spammers,
> >they're just letting them change their name as far as I can tell.
>
Aaron: Clearly we're talking about what to do in reaction to some of
the worst kinds of abusers on the net, second perhaps only to outright
crackers and smurfers, and the mismanaged resources they exploit.
We're talking about people who send tens of thousands, at least, of
unsolicited email messages daily, many with explicit language in the
Subject headers, advertising a porn site address in the .to domain.
In addition, these messages have From: addresses forged into them with
others' legitimate domain names, soas to cause the owners of that
domain to be pummelled day and night with bounces and complaints.
Judging from the actual behavior, which is indisputable, these
criminals are finding the .to domain to be a convenient haven to
operate out of, probably due to the mismanagement (I'm not really
accusing those involved with .to of anything more than possible
mismanagement) of the .to domain as much as anything else. For
example, it appears they, whoever is administering this .to domain
(and it's apparently not Tonga), have absolutely no idea who is
creating domains in their space, and will shut off an abusing domain
and a few minutes later give the same people another domain.
Now, explain to us again exactly what your interest in defending these
people so strenuously?
I don't get it.
These appear to be some of the worst vermin on the net and are
enormous time sink, and are being aided and abetted by what appears to
be gross mismanagement, at best, and yet there you are ready in a
second to leap to their defense?
Why?
Barry Shein
Look, Mr Gullichsen, why don't you answer the underlying question and
explain why you keep registering domains for these ADULTSIGHTS.COM
criminals to use, sometimes more than once per day?
It has to be generating hundreds of complaints daily.
It's been going on today under yet another .to domain.
So which is it? Gross incompetence, negligence, or complicity?
I don't think saying that you'll remove any spammer domain when you
hear a complaint and then NOT saying (and a minute later you'll give
them a new domain to use) is a satisfactory answer.
But thank you for affirming that, as I said, the web page for the
Consulate of Tonga was changed today from an ad for a software company
to something to do with Tonga.
On October 2, 1998 at 09:15 egul...@tonic.to (Eric Gullichsen) wrote:
>
>
>
> Mr. Shein:
>
> > You know, Mr Gullichsen, you can answer every complaint you get with
> > "why didn't you tell us this before!", but it's not fooling anyone.
>
> I don't answer every complaint with that reply, nor did I answer your
> complaint in that manner. What I did was to bring to your attention
> Tonic's published antispam policy, and to request that if you were
> having problems with SPAM involving any .TO domain names, that you inform
> us as to what those names are, so we can deal with them in accordance
> with our policy.
>
> > So why was the Consulate's web page changed from an advertisement for
> > a software company to something having to do with the Kingdom of Tonga
> > in the past couple of hours?
>
> We recently moved a number of servers to a colocated facility
> for improved bandwidth. The mail POP for the Consulate was one of these,
> and now runs on a machine supporting a number of virtual IP addresses.
> There is no web page for the Consulate, and as a result of the fact that
> there was no explicit VirtualHost directive for sfconsulate.gov.to
> in the Apache config file, web accesses defaulted to another
> virtual IP on the same machine, which is that of a software company.
>
> As a result of your discovering this, I recently added a VirtualHost
> directive so that accesses to port 80 on the sfconsulate.gov.to IP address
> return the Tonga Visitor's Bureau home page, www.vacations.tvb.gov.to
> Thank you for pointing this out.
>
> You may note that the Tonga Visitor's Bureau home page also
> prominently features an advertisement for Tonic.
>
> This is intentional.
Jon Green
>These appear to be some of the worst vermin on the net and are
>enormous time sink, and are being aided and abetted by what appears to
>be gross mismanagement, at best, and yet there you are ready in a
>second to leap to their defense?
Perhaps you should threaten to sue them, as you did a few years back
when someone wanted to delink your IRC server.
Please, immediately telnet to the clue server and issue the 'get' command.
-Jon
-----------------------------------------------------------------
* Jon Green * "Life's a dance *
* jcg...@netins.net * you learn as you go" *
* Finger for Geek Code/PGP * *
* #include "std_disclaimer.h" * http://www.quadrunner.com/~jon *
-------------------------------------------------------------------------
Karl Mueller
Nobody warned me that Jim Fleming had a brother! Ayeiii....
We now return you to TongaV8, in progress..
Karl
>
>Not clear. Obviously .to is being run in a very unusual way. Among
>other things, I guess the spammers can instantly sign up new domains
>for their web sites as fast as .to can take them down (which isn't
>very fast, but for discussion's sake.)
>
>That's quite unusual, and the entire activity seems to have nothing to
>do with the Kingdom of Tonga or any entitites within that country
>except inasmuch as they seem to look the other way and probably get
>some money for it (others have claimed this.)
>
>But the proof is in the pudding, ADULTSIGHTS.COM is finding the way
>the .to domain is being managed very useful to their mass spamming and
>other criminal (e.g., domain hijacking) activities.
>
>Taken togther, I say that's a problem. What should be done about it is
>yet another question, of course.
>
>Also, I'm not sure I agree with your characterization that businesses
>etc which have registered a Tongan domain, but have no other
>relationship with Tonga, are "legitimate".
>
>They may be banal, harmless, other than what may well be prima facie
>evidence of intent to defraud by advertising a business etc in a
>country they don't actually have any presence in, but that doesn't
>necessarily make the usage "legitimate".
>
>I don't think I'd want to be on the wrong side of a court case, even
>if unfair, with the other side pointing out that I was doing business
>via a network address in the Kingdom of Tonga, unless I really had a
>good reason for doing so other than "I thought the name was cute". The
>law doesn't tend to look kindly on businesses which purposely
>obfuscate their identity and whereabouts.
Steven J. Sobol
> > > Certainly the legal confusion surrounding the gtld's shouldn't
> > > be used as a rational for not developing a process (which is
> > > what Barry suggested) for attending to problems associated with
> > > the country code domains.
> >
> > What sort of problems?
>
> Trademark/service mark conflicts come to mind. But in general I
> would say one function of a legal system is to mediate disputes.
That, of course, is what NSI does. They disclaim responsibility for
arbitrating intellectual property disputes, and since they are not a
legislative or judicial agency, I'd have to say that is the correct
decision.
> Barry raised an issue (valid or not, take your pick) and asked if
> we should have a system by which disputes related to Internet
> facilities (such as domain name space) could be handled.
Right.
> To be more specific, an entity utilizing the .TO domain name was
> misrepresenting themselves using Barry's domain in .COM. Now
> perhaps if Barry's domain was world.std.com.US he would have a more
> obvious legal process by which he could defend his use of
> world.std.com.US because it would clearly be within the name space
> assigned to the United States.
No, I don't necessarily think so. When something is done that is actionable,
either civilly (e.g. forgery of Barry's domain) or criminally (smurf attack),
I don't see how it's possible to judge jurisdiction based on Internet domain.
Barry Shein
I've never threatened to sue anyone in my life.
Steven J. Sobol
> In high school some upper-class students would sell incoming freshman
> swimming pool passes. Unfortunately, our high school had no swimming
> pool. But I guess if they paid for them they were "legitimate" pool
> passes.
If the Tongan government were taking payments for domains that were
subsequently never registered, you'd have a point.
> for the .to TLD? Such as serving the Kingdom of Tonga or entities
> organized in the Kingdom of Tonga in any way? Or is it just rogue?
Would you even be raising these questions if someone using a .TO domain
hadn't forged a std.com address?
Jay R. Ashworth
> The question was what we should do, not what they should do. For
> example, should we remove their domain from the top level servers if
> it has ceased to serve any legitimate purpose?
<sigh>
Legitimate to _whom_, Barry? It's a _TLD_. It only has to be
"legitimate" to the Administrative Contact in the whois record, as far
as I can see.
> But we can cut off our half of the connection if we feel it is
> primarily malicious and abusive.
"our half of the connection". The link itself is almost certainly
commercial, and the root DNS entries, I strongly suspect, are there in
trust for the IANA, who are the administrative owners of "", to the
extent that there are any, I think.
Cheers,
-- jra
Steven J. Sobol
> With all due respect, I think your management of the .to domain is a
> hazard to the internet and should be ceased immediately. By your gross
> negligence you are providing safe haven to criminals.
I will bet $5 right now that Barry hadn't even spoken to anyone at TONIC
until now.
Barry Shein
Mueller: You really need to explain your financial interest in all
this before making these pathetic spin attempts.
Steven J. Sobol
> You know, Mr Gullichsen, you can answer every complaint you get with
> "why didn't you tell us this before!", but it's not fooling anyone.
You know, Mr. Shein, you can compose each one of your posts to make it look
like you've been bugging TONIC for weeks to remove the domain, but it's not
fooling anyone.
J.D. Falk
> These appear to be some of the worst vermin on the net and are
> enormous time sink, and are being aided and abetted by what appears to
> be gross mismanagement, at best, and yet there you are ready in a
> second to leap to their defense?
Nobody's leaping to the spammers' defense. Everybody seems
to be leaping to TOnic's defense...or, at least, saying that
your gripe with TOnic is unfounded.
Karl Mueller
>Mueller: You really need to explain your financial interest in all
>this before making these pathetic spin attempts.
>
Actually Barry, I would make fun of you, regardless of any financial
interests, because your position is so idiotic. You apparently
do not grasp the concept that Tonga is a sovereign entity performing
*at worst* as well as or better than other public registries in
spam related matters, or that NANOG is an entirely inappropriate forum
to discuss something not related to North American Operations at all.
In addition to the aforementioned KD Award, I am announcing Barry
as the first winner of the prized Jim Fleming Award, for delusional
behavior in a generous helping of posts on NANOG which annoy everybody.
By the way, if it seems I am not taking you seriously, you are entirely correct.
Karl
Jay R. Ashworth
> On October 1, 1998 at 11:09 mem...@blank.org (Nathan J. Mehl) wrote:
> > Barry, this seems sort of silly. They have a stated abuse policy. You
> > to that policy. What on earth is preventing you from making the obvious
> > phone call?
>
> Gosh that sounds so good Nathan.
>
> domain forgers are back on the Tonga site and spamming away again
> forging our domain name into their spams.
>
> management. They're not removing criminal domain-hijacking spammers,
Damnit, Barry:
DID YOU MAKE THE CALL?
Cjeers,
Jay R. Ashworth
> What if a country ceased to exist entirely and the domain they were
> using was hijacked by some random, unrelated entity for their own
> malicious purposes? Would that justify decommissioning the TLD
> (meaning, removing it from the root servers)?
Here, at last, is a useful question. What _is_ the basis for the
activation of an ISO 3166 2-letter ccTLD; that is, how does one get on
and off ISO's list?
Cheers,