You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by doneshlaher <do...@directi.com> on 2013/06/14 10:39:32 UTC

Re: .pw / Palau URL domains in spam

Hello All,

Firstly, I would like to thank you all for helping us fight against this
massive spam outbreak. Let me give you a quick feedback about this issue and
our mitigation policies to curb the spam outbreak.

Ever since the spam outbreak on .pw, we as the Registry have spent the past
month and a half by undertaking a massive cleanup initiative. We have not
waited for the Registrars to investigate and respond to complaints; rather
we have ourselves taken down domain names which have proven to be abusive.

Our abuse desk has been kept busy with large volumes of complaints against
.pw domains, each being responded within the time frame of 24 hours (and in
most cases within a matter of few hours). The team has successfully traced
the source of these spammy domains to customers under a single Registrar
account. This means that more than pricing, this attack manifests itself as
an activity carried out by an organized group of spammers targeting one
particular Registrar portfolio. To curb this abuse, we have considered to
respond and taken down reported domain names belonging to this Registrar.

In order to control this incident, we have tightened the nooze around other
Registrars as well, thus implying the repercussions of our AUP violation
(which we have been very particular about).

We have also been eliminating abusive domains name proactively at the
registration phase by using pattern matching and anomaly based methods. This
approach has proven to be very effective and has successfully eliminated
20-30% of domain names which are likely to be used for illicit activities.

In addition, to responding to complaints from individual internet users, the
.pw Registry has been working closing with anti-abuse entities such as
Symantec ,Spamhaus and SURBL. We have also tied up with NameSentry to beef
up our abuse monitoring process. Being a Registry, we have access to very
limited information as compared to a Registrar. Yet we have managed to weed
out and terminate abusive domain names more proactively, compared to other
Registries out there.

Last but not the least, we would like to thank each and everyone who have
criticized, appreciated or raised concerns in our effort to curb the abuse.
In order to assist us with our efforts, we request you to update us with
your complaints at abuse@registry.pw.

Regards

Donesh Laher
Cyber Security Analyst
.PW Registry



--
View this message in context: http://spamassassin.1065346.n5.nabble.com/pw-Palau-URL-domains-in-spam-tp104383p105244.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.