Feeds

TM domain leads anti-spam charge

Top-level registry adds vital data to DNS

  • alert
  • submit to reddit

The Power of One eBook: Top reasons to choose HP BladeSystem

The registry running the top-level .tm domains is leading the charge against spam by adding the SPF protocol into all its domains' DNS records.

While a large number of ISPs, big online names, anti-spam companies and a few domain registrars have added SPF and so helped verify that an email message comes from the address it says it does, TM Domain Registry’s general manager Paul Kane tells us this is the first time an actual registry has included the protocol.

"It is very easy, non-intrusive and helps to reduce the amount of spam. It’s just a simple entry, a text file, it’s relatively easy for people to adopt - it’s self-evident why we decided to add it," he said.

Kane is also keen to protect his existing 6,000 customers from email spoofers. The business model for .tm domains is to attract the world’s biggest companies, who buy the domain because the “tm” can be seen to represent “trademark” - for example www.rolex.tm.

Kane claims to have 30 per cent of the world’s top 500 companies who pay the $1,000 fee for a 10-year domain in order to have a more exclusive domain than the usual “.com”. Such exclusivity would be somewhat undermined though if spam arrived from a .tm domain.

Adding SPF took “minutes” and was no more than a text file saying .tm domains were SPF enabled, Kane explained.

SPF (Sender Policy Framework) itself is a very simple yet effective method of cutting down spam. Internet domains already have MX records tied in with their basic DNS information that say which mail servers receive email for that machine. All SPF does is provide MX records for the domain’s mail servers that send email.

As such, when an ISP receives an email, it looks at the domain, looks up the DNS record and if the mail server it came from is not one mentioned in the MX records, it either deletes it or pushes it to one side for review. Since a large number of spam messages are “spoofed” in order to make it look as though the email is coming from elsewhere, such a system would reduce the number of spam as well as make tracking down spammers easier.

It is now down to .tm domain companies (or their ISPs) to add the MX records and allow for the SPF protocol (a four-hour job) and so complete the circle - something Kane said should be completed in three months.

He readily acknowledges the variety of others protocols out there - including Microsoft’s (guess what) proprietary Caller ID system - but says that SPF is “simple, so logically it should be welcomed”. Unfortunately, he doesn’t know of any other top-level domains that are looking to do the same, but he hopes TM Domain Registry’s actions will encourage others to do the same.

As for the domains themselves, Kane says everything has calmed down since they popped back up on the Internet in February last year after a five-year absence. The actual “tm” TLD belongs to Turkmenistan (just above Iran and Afghanistan) and London-based NetNames originally agreed with the government in February 1998 to sell the domains commercially.

Sadly, within just two months, and with 4,176 domains sold, they were all frozen. According to a message that appeared on the registry site, this was because “some of the names registered may be legally obscene in Turkmenistan”.

However in February 2003 .TM Domain Registry struck a new deal, Kane tells us, where the company has control of top-level .tm domains for 20 years. Turkmenistan meanwhile runs its own Internet on second-level domains such as “.com.tm”.

Perhaps this is just as well with Turkmenistan’s increasingly unhinged president-for-life President Saparmyrat Niyazov, who does not allow any politicial opposition, has done a Saddam with regard to giant portraits of himself all over the country, building vast palaces while his people live in poverty, and even renamed the days of the week and months of the year - a few after himself. He has also held an international symposium on melons. ®

Top three mobile application threats

More from The Register

next story
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Bose says today is F*** With Dre Day: Beats sued in patent battle
Music gear giant seeks some of that sweet, sweet Apple pie
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
Joe Average isn't worth $10 a year to Mark Zuckerberg
The Social Network deflates the PC resurgence with mobile-only usage prediction
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.