Feeds

TM domain leads anti-spam charge

Top-level registry adds vital data to DNS

  • alert
  • submit to reddit

The essential guide to IT transformation

The registry running the top-level .tm domains is leading the charge against spam by adding the SPF protocol into all its domains' DNS records.

While a large number of ISPs, big online names, anti-spam companies and a few domain registrars have added SPF and so helped verify that an email message comes from the address it says it does, TM Domain Registry’s general manager Paul Kane tells us this is the first time an actual registry has included the protocol.

"It is very easy, non-intrusive and helps to reduce the amount of spam. It’s just a simple entry, a text file, it’s relatively easy for people to adopt - it’s self-evident why we decided to add it," he said.

Kane is also keen to protect his existing 6,000 customers from email spoofers. The business model for .tm domains is to attract the world’s biggest companies, who buy the domain because the “tm” can be seen to represent “trademark” - for example www.rolex.tm.

Kane claims to have 30 per cent of the world’s top 500 companies who pay the $1,000 fee for a 10-year domain in order to have a more exclusive domain than the usual “.com”. Such exclusivity would be somewhat undermined though if spam arrived from a .tm domain.

Adding SPF took “minutes” and was no more than a text file saying .tm domains were SPF enabled, Kane explained.

SPF (Sender Policy Framework) itself is a very simple yet effective method of cutting down spam. Internet domains already have MX records tied in with their basic DNS information that say which mail servers receive email for that machine. All SPF does is provide MX records for the domain’s mail servers that send email.

As such, when an ISP receives an email, it looks at the domain, looks up the DNS record and if the mail server it came from is not one mentioned in the MX records, it either deletes it or pushes it to one side for review. Since a large number of spam messages are “spoofed” in order to make it look as though the email is coming from elsewhere, such a system would reduce the number of spam as well as make tracking down spammers easier.

It is now down to .tm domain companies (or their ISPs) to add the MX records and allow for the SPF protocol (a four-hour job) and so complete the circle - something Kane said should be completed in three months.

He readily acknowledges the variety of others protocols out there - including Microsoft’s (guess what) proprietary Caller ID system - but says that SPF is “simple, so logically it should be welcomed”. Unfortunately, he doesn’t know of any other top-level domains that are looking to do the same, but he hopes TM Domain Registry’s actions will encourage others to do the same.

As for the domains themselves, Kane says everything has calmed down since they popped back up on the Internet in February last year after a five-year absence. The actual “tm” TLD belongs to Turkmenistan (just above Iran and Afghanistan) and London-based NetNames originally agreed with the government in February 1998 to sell the domains commercially.

Sadly, within just two months, and with 4,176 domains sold, they were all frozen. According to a message that appeared on the registry site, this was because “some of the names registered may be legally obscene in Turkmenistan”.

However in February 2003 .TM Domain Registry struck a new deal, Kane tells us, where the company has control of top-level .tm domains for 20 years. Turkmenistan meanwhile runs its own Internet on second-level domains such as “.com.tm”.

Perhaps this is just as well with Turkmenistan’s increasingly unhinged president-for-life President Saparmyrat Niyazov, who does not allow any politicial opposition, has done a Saddam with regard to giant portraits of himself all over the country, building vast palaces while his people live in poverty, and even renamed the days of the week and months of the year - a few after himself. He has also held an international symposium on melons. ®

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
Mozilla's 'Tiles' ads debut in new Firefox nightlies
You can try turning them off and on again
No, thank you. I will not code for the Caliphate
Some assignments, even the Bongster decline must
Barnes & Noble: Swallow a Samsung Nook tablet, please ... pretty please
Novelslab finally on sale with ($199 - $20) price tag
Banking apps: Handy, can grab all your money... and RIDDLED with coding flaws
Yep, that one place you'd hoped you wouldn't find 'em
TROLL SLAYER Google grabs $1.3 MEEELLION in patent counter-suit
Chocolate Factory hits back at firm for suing customers
Primetime precrime? Minority Report TV series 'being developed'
I have to know. I have to find out what happened to my life
Netflix swallows yet another bitter pill, inks peering deal with TWC
Net neutrality crusader once again pays up for priority access
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.