Feeds

TM domain leads anti-spam charge

Top-level registry adds vital data to DNS

  • alert
  • submit to reddit

High performance access to file storage

The registry running the top-level .tm domains is leading the charge against spam by adding the SPF protocol into all its domains' DNS records.

While a large number of ISPs, big online names, anti-spam companies and a few domain registrars have added SPF and so helped verify that an email message comes from the address it says it does, TM Domain Registry’s general manager Paul Kane tells us this is the first time an actual registry has included the protocol.

"It is very easy, non-intrusive and helps to reduce the amount of spam. It’s just a simple entry, a text file, it’s relatively easy for people to adopt - it’s self-evident why we decided to add it," he said.

Kane is also keen to protect his existing 6,000 customers from email spoofers. The business model for .tm domains is to attract the world’s biggest companies, who buy the domain because the “tm” can be seen to represent “trademark” - for example www.rolex.tm.

Kane claims to have 30 per cent of the world’s top 500 companies who pay the $1,000 fee for a 10-year domain in order to have a more exclusive domain than the usual “.com”. Such exclusivity would be somewhat undermined though if spam arrived from a .tm domain.

Adding SPF took “minutes” and was no more than a text file saying .tm domains were SPF enabled, Kane explained.

SPF (Sender Policy Framework) itself is a very simple yet effective method of cutting down spam. Internet domains already have MX records tied in with their basic DNS information that say which mail servers receive email for that machine. All SPF does is provide MX records for the domain’s mail servers that send email.

As such, when an ISP receives an email, it looks at the domain, looks up the DNS record and if the mail server it came from is not one mentioned in the MX records, it either deletes it or pushes it to one side for review. Since a large number of spam messages are “spoofed” in order to make it look as though the email is coming from elsewhere, such a system would reduce the number of spam as well as make tracking down spammers easier.

It is now down to .tm domain companies (or their ISPs) to add the MX records and allow for the SPF protocol (a four-hour job) and so complete the circle - something Kane said should be completed in three months.

He readily acknowledges the variety of others protocols out there - including Microsoft’s (guess what) proprietary Caller ID system - but says that SPF is “simple, so logically it should be welcomed”. Unfortunately, he doesn’t know of any other top-level domains that are looking to do the same, but he hopes TM Domain Registry’s actions will encourage others to do the same.

As for the domains themselves, Kane says everything has calmed down since they popped back up on the Internet in February last year after a five-year absence. The actual “tm” TLD belongs to Turkmenistan (just above Iran and Afghanistan) and London-based NetNames originally agreed with the government in February 1998 to sell the domains commercially.

Sadly, within just two months, and with 4,176 domains sold, they were all frozen. According to a message that appeared on the registry site, this was because “some of the names registered may be legally obscene in Turkmenistan”.

However in February 2003 .TM Domain Registry struck a new deal, Kane tells us, where the company has control of top-level .tm domains for 20 years. Turkmenistan meanwhile runs its own Internet on second-level domains such as “.com.tm”.

Perhaps this is just as well with Turkmenistan’s increasingly unhinged president-for-life President Saparmyrat Niyazov, who does not allow any politicial opposition, has done a Saddam with regard to giant portraits of himself all over the country, building vast palaces while his people live in poverty, and even renamed the days of the week and months of the year - a few after himself. He has also held an international symposium on melons. ®

High performance access to file storage

More from The Register

next story
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
France bans managers from contacting workers outside business hours
«Email? Mais non ... il est plus tard que six heures du soir!»
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.