I've posted twice, here and here, about the KnujOn research into registrars that harbor the bulk of Web sites advertised in spam emails. Now ICANN has published an announcement about the actions it is taking in response to KnujOn's reports: "Worst Spam Offenders" Notified by ICANN Compliance system working to correct Whois and other issues 23 May 2008 In order to clarify the system for dealing with inc I’ve posted twice, here and here, about the KnujOn research into registrars that harbor the bulk of Web sites advertised in spam emails. Now ICANN has published an announcement about the actions it is taking in response to KnujOn’s reports: “Worst Spam Offenders” Notified by ICANN Compliance system working to correct Whois and other issues 23 May 2008 In order to clarify the system for dealing with incorrect “Whois” domain name registration information, and deal with community concern, ICANN is releasing the following information regarding its compliance work. MARINA DEL REY, Calif.: ICANN has sent enforcement notices and notices of concern to certain registrars, including those reported this week as being the registrars for the majority of websites advertised in spam emails. Earlier this week, an investigation by KnujOn, widely reported online, publicly identified 10 registrars as being the companies used to register the majority of domain names that have since appeared in spam email messages. More than half of those registrars named had already been contacted by ICANN prior to publication of KnujOn’s report, and the remainder have since been notified following an analysis of other sources of data, including ICANN’s internal database. With tens of millions of domain names in existence, and tens of thousands changing hands each day, ICANN relies upon the wider Internet community to report and review what it believes to be inaccurate registration data for individual domains. To this end, a dedicated online system called the Whois Data Problem Report System (“WDPRS”) was developed in 2002 to receive and track such complaints.* “ICANN sends, on average, over 75 enforcement notices per month following complaints from the community. We also conduct compliance audits to determine whether accredited registrars and registries are adhering to their contractual obligations,” explained Stacy Burnette, Director of Compliance at ICANN.** “Infringing domain names are locked and websites removed every week through this system.” Although the majority of registrars offer excellent services and contribute to the highly competitive market for domains, ICANN’s compliance department has developed an escalation process to protect registrants and give registrars an opportunity to cure cited violations before ICANN commences the breach process. However, while registrars are responsible for investigating claims of Whois inaccuracy, it is not fair to assume a registrar that sponsors spam-generating domain names is affiliated with the spam activity. A distinction must be made between registrars and an end user who chooses to use a particular domain name for illegitimate purposes. “But if those registrars, including those publicly cited, do not investigate and correct alleged inaccuracies reported to ICANN, our escalation procedure can ultimately result in ICANN terminating their accreditation and preventing them from registering domain names,” Ms Burnette said. Software Development