Grant Taylor <[email protected]> writes:
>> A very large number (nearly all, in fact) of the spams I receive these
>> days involve domains registered with Namecheap. I've received hundreds
>> of spams involving .icu domains from what appear to be the same spammer.
>> I also receive a large number of scams impersonating Bitmain, again
>> using domains involving Namecheap.
>
> Is Namecheap just the registrar? Or are they also hosting the DNS service?
As a Namecheap customer, you are making me want to move. That is good,
but its also something you should consider, before you block the entire
registrar: there are a significant number of non-spamming Namecheap
customers that you would be cutting off if you did this. I understand
you want to put pressure on Namecheap, but the flip side of that is you
will be cutting yourself off from those domains in the process.
>> While Namecheap does suspend at least some domains within days of their
>> being used in a campaign, it's clear that these are being treated as
>> single-use domains, so this has very little impact on the spammers.
This sounds like Fast Flux - and it is not something that happens only
on Namecheap.
> I think there are also lists of domains that have been recently
> registered. Which might help if the single use domains were recently
> registered.
Having such a list would be very helpful for dealing with fast flux.
--
micah
