All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
TIL Spamhaus blocks domains based on keywords - can I still use my domains?
Hi, long time LET reader, first time poster here. I signed up because I was going to ask why spamhaus blocked my brand new domains, without me having sent a single email, and without me having ever had problems with spam lists. (it's easy like just don't send spam lol)
However, now I am quite sure that they merely blocked my domains based on keywords (such as "crypto"). It is the only explanation that could work, since my other domains are not affected.
The odd thing is that they don't tell me this. Neither on their page, nor in their tickets. They always just copy paste, demanding a "non disposable email address" (??) and an explanation on what I did to solve the "issues". (there are zero issues)
Sadly, my domain registrar (monovm) refuses to let me use the domains, as long as they are listed (I will never send mails from them, so to me it wouldn't matter). Since I chose the "suspicious" name, it is "my fault". (right)
So now I am just using other domains instead. But I was wondering, whether it is normal for a registrar to block a domain because of a spamhaus list entry, knowing that it can apparently be completely arbitrary. If most don't do this, I could transfer my domains somewhere else and use them there. If almost everyone does it, I accept defeat.
Comments
As far as i know it's some kind of automated process (likely as you say based on keywords) and Spamhaus doesn't give two shits about either false positives or really anything at all (you can try but i doubt they'll remove your domains let alone notify you if their systems flag more of those).
Some braindead registries (your registrar would be perfectly innocent here) seem to use these lists as reason to put domains on hold and you probably won't be able to do anything about it beyond taking it as a learning experience to not register domains under the TLDs run by those registries anymore in the future.
What TLD are the affected domains under?
There is NDBL - new domain black list.
Turn the blame where it belongs: With a registrar that won’t let you use a brand new domain through no fault of your own.
That’s it, that’s the only real complaint. A blacklist is only as valuable as the people who use it, and if the blacklist isn’t serving it’s function without unnecessarily harming the customers of the people using it, the people using it are the ones who ultimately hold responsibility.
But there’s gotta be a path here that isn’t unreasonable. Like maybe stop using disposable emails to contact spamhaus? Stop trying to act like you’re passing state secrets to an enemy government and treat spamhaus like peers, you might get further with them. If you want something from people, you have to be perceived by them as non threatening, which is relative to their preferences more than yours. No one respects “anonymous” identities these days, and if you actually do NEED to be anonymous you’re going to have to get used to the social climate because you can’t change the way the wind blows.
Yeah, that's true. The registrar should at least refund OP as they sold him something that doesn't work. I was under the impression that it's actually the registry putting the domains on hold because of the blacklist entry though. You are obviously still right in that this should be the problem of the registrar and not the client.
The way i've read it OP didn't use a disposable email but Spamhaus simply sending him some canned reply that would instruct him to stop doing so out of nowhere. Well, at least that's how i interpreted the two question marks.
Yes I assume they want a [email protected], or something like that. And they don't want domain privacy, but that is enabled by default (due to GDPR, not because I asked for it). I get their point, but overall, it is unclear what exactly their demands are, and they refuse to respond like an adult.
I am trying to figure out how the wind blows lol. If other registrars do not have this problem, I can just ignore spamhaus. Maybe I will email some others and ask.
.fun and .online, but judging by monovm's words, it is their policy, not the registry's.
Both of those are managed by CentralNIC.
Interesting. For the last guy that posted here about having his domains locked because of a Spamhaus listing it came down to the registry setting the hold but even if my memory is a little cloudy i don't think it was related to CentralNIC (you should also see this in the status entry of your domain's whois info).
Still i'm a little surprised/worried that the practice seems to be spreading. One entity blindly acting on some automated and practically non-curated blacklist full of false positives is already bad enough...
I am also surprised that a registrar accepts crypto payments (that's literally why I chose monovm), and then locks domains that have "crypto" in them, because some random dude on the street calls it suspicious.
Unbelievable.
No, they want a proper, not-disposable email address.. Not hotmail, not gmail, or any other free email service
Use an email address on one of your own domains or try using your ISPs email service if they offer it.
@anon121 Transfer your domain to another registrar.
xyz Registry puts domains on ServerHold status. This includes .lol and several other TLD they administer.
They require you to clear the domain from any blacklists. Difficult to do when DNS no longer functions for your domain.
In the past I had a single domain without WHOIS privacy, something like 12 years ago, and just for one year (I simply forgot enabling the privacy addon when buying that domain, but I remedied the next year when renewing it).
I still nowadays receive the occasional domain renewal phishing/scam with the personal data that was left exposed in the WHOIS at that time...
If that's really Spamhaus position, then they would be completely retarded. By actually helping spammers scam domain owners with the easiest of the automatic ways. Just wow.