Re: Is the .to (Tonga) domain completely rogue an

[Barry Shein <bzs () world std com>]

With all due respect, I think your management of the .to domain is a
hazard to the internet and should be ceased immediately. By your gross
negligence you are providing safe haven to criminals.

As of this minute, about 2:30PM EDT 10/1/98, the domain-hijacker
spammers have a web address in the .to domain and are
spamming/domain-forging to advertise this, as they have been
doing for weeks.

        -Barry Shein

Software Tool & Die    | bzs () world std com          | http://www.world.com
Purveyors to the Trade | Voice: 617-739-0202        | Login: 617-739-WRLD
The World              | Public Access Internet     | Since 1989     *oo*


On October 1, 1998 at 07:04 egullich () tonic to (Eric Gullichsen) wrote:
> Mr. Shein:
>
> I am the hostmaster and Administrative, Technical and Zone Contact at Tonic, the top level domain name registration 
> authority for the .TO country code. (http://rs.internic.net/cgi-bin/whois?to5-dom).
>
> Since June 1997, our automated domain name registry at http://www.tonic.to has been facilitating the registration of 
> .TO names as a service to the global Internet community. (Neither Tonic nor IANA policy requires the registered 
> owner of a .TO name to be physically situated in the Kingdom of Tonga.)
>
> > We've been having increasing problems with one or more porn sites in the
> > .to domain promoting itself by massive spamming of
> > AOL customers using one of our domains in their From: header thus causing
> > both complaints to us and thousands of bounces
> > from AOL due to bad AOL addresses in their spam lists.
>
> We are sorry to hear that you have been having problem with SPAM involving a .TO domain, and wish to draw your 
> attention to the fact that .TO is the *only* top level domain we know of with an explicit antispam policy. We at 
> Tonic feel strongly about spam, and believe it to be theft of service, and a very bad thing for the net in general.
>
> It is our policy to terminate the registration of a domain name involved in spam, after warning the domain name 
> holder to cease unsolicited bulk mailings that involve a .TO name.
>
> > From our FAQ (at http://www.tonic.to/faq.htm):
>
>    Q: I'm a spammer. Is a .TO domain something I         should use?
>
>    Tonic feels very strongly that the sending of      unsolicited bulk email ("spamming") constitutes    theft of 
> service, and we do not condone the
>    use of .TO domain names for this purpose.
>
>    If we receive complaints that a .TO domain name    has been used for this purpose, we will advise     the domain 
> owner of the complaint and
>    request that they desist from this activity.       Tonic reserves the right
>    to remove any .TO name registration if a name      is used as a source of spam,
>    or an address to which to reply to such bulk       mail solicitations
>
> We have had to delete a number of .TO domains for egregious SPAM and will continue to do so in the cases where a 
> stern warning fails to solve the problem. Please send a copy of any SPAM involving a .TO domain name to:  hostmaster 
> () tonic to and we will warn the spammer and/or terminate the domain name registration.
>
> > Looking at the .to domain I can't help but notice it's heavily laden with
> > what appear to be porn sites (sexonline.to, come.to,
> > xxxhardcore.to, etc.)
>
> The .COM domain is no less "heavily laden" with porn sites.  You will note that sexonline.com and xxxhardcore.com 
> are names registered with the InterNIC.  The come.to site is a free web redirection site supporting more than 
> 100,000 customers.  Furthermore, Tonic is a domain name registry, not a content censor.
> > In support of this assertion I want to show you an SMTP conversation with
> > what claims to be the Consulate of the
> > Government of Tonga in San Francisco (This San Francisco office is listed
> > as an official Tongan contact point for visas etc by
> > the US State Dept):
> >
> > world% telnet sfconsulate.gov.to 25
> >
> > Trying 209.24.51.169...
> > Connected to sfconsulate.gov.to.
> > Escape character is '^]'.
> > 220 colo.to SMTP ready, Who are you gonna pretend to be today? VRFY
> postmaster
> > 500 Bloody Amateur! Proper forging of mail requires recognizable SMTP
> > commands!
>
> The primary nameserver for .TO is physically located at the Consulate of Tonga in San Francisco. On all our 
> machines, we run the Obtuse smtpd/smtpfwdd SMTP store and forward proxy (http://www.obtuse.com/smtpd.html) to secure 
> our port 25 and thereby prevent third party mail relaying, so our server cannot itself be used
> as a spam relay.
>
> Your reasoning as to why its responses to incorrect SMTP commands constitutes
> evidence that the .TO domain is "negligent", "mismanaged" and "an attractive resource for criminal activities" is 
> ironically incorrect. In fact, having an *unsecured* port 25 open to mail relaying would be negligent.
>
> [Our thanks to the many participants in this thread who have presented views balancing those of Barry Shein.]
>
> Best regards,
>
> - Eric Gullichsen
>   Tonic Corporation
>   Kingdom of Tonga Network Information Center
>   http://www.tonic.to
>   Email: egullich () tonic to
>
>
>
>
> -----
> See the original message at http://www.egroups.com/list/nanog/?start=1308
> --
> Free e-mail group hosting at http://www.eGroups.com/