On the 1st of November 2017, Artists Against 419 blocked emails email addresses using the following top level domains to our mail services:
This step was most regrettable, but we reserve the right to stop any serial abuse of our email services and resources.
Suddenly today we saw a massive spam inflow from at least two of these TLDs. The patterns were all too familiar; domains registered via Namecheap are abused to spam out emails, the domains are Famous Four registry domains. Typically these domains are sold at special sub-$1 prices at Namecheap. The content it’s used for is normally affiliate spam. Past history showed the same patterns with a spam run using .US ccTLDs sourced via Namecheap.
While Artists Against 419 are scam fighters and not spam fighters, we are aware of other events where domains are being abused. The “toenail fungus”, “battery” and like spams are an open secret, first emanating from a Pakistani registrant, then Indian, later WhoisGuard protected, now suddenly various South American registrants (if the spam domain registration details are to be believed after we dumbed down 100 levels). Yet the patterns are the same in each case: the content, the email servers abused, the name servers. If it looks like a duck, swims like a duck, quacks like a duck … ?
An associate recently made Famous Four Media aware of this issue as spamming is explicitly against their published policies. Where the associate reported these to Famous Four Media, they never responded. Neither did Namecheap, nor Whoisguard. Despite a registrant purchasing numerous discounted domains via Namecheap and abusing them once or twice in rapid succession as “spam cannons”, then to abandon them, each incident is regarded as a separate incident by Namecheap (past lessons learnt). Such an investigation takes 48 hours. As such by the time action is taken against a domain, that domain has long since been discarded and the same registrant spammer is already five or six domains down the road. The patterns are ignored. Closing the stable door after the horse has bolted, or a case of being seen to be doing the right thing, yet not doing enough to stop the money to be made?
Quite frankly we have no stomach to be playing these games. We have better things to do than write abuse complaints about spam to parties that refuse to understand serial abuse. But we do not wish to continuously empty spam folders either. While the stats and links below clearly indicate there may be a problem, we accept our situation may be unique. However, it’s of no consequence to us. It’s simple: We have never received a legitimate email from any of these email domains, so we’ve applied a generic filter:
If you have a legitimate reason to contact us, please use an email address with another domain ending to reach us.
Thanks for your understanding.
https://www.joewein.net/bl-log/bl-log.htm (email@example.com, firstname.lastname@example.org, email@example.com etc)