Re: [mailop] What to do with a look-alike domain used in phishing
A fellow named Mike Andrews used to offer to take over domains once used by, or likely to be used be, spam and malware. I had once grabbed an expired domain used by a spammer network, and I was glad to transfer it over to him rather than continue to pay the annual fee myself. On Mon, Jul 18, 2022 at 10:29:06AM +0200, Tobias Fiebig via mailop wrote: > Heho, > ~a year ago I registered a (by then) unregistered look-alike domain for a > major European hoster, as I was receiving rather good spear-phishing from it, > and it was, well, unregistered. (The domain is hetzners.de ). > > I setup DMARC p=reject and SPF -all, and let it be. Now, the domain keeps > sitting around; Thing is, that dereg would most likely lead to more spam > falling out of the domain again (or it being actually registered by some > spammer), which is rather not so nice to the Internet as a whole. The hoster > is not interested in receiving it from me (free of charge etc.; Offered to > just send them the authcode). > > Now, what can I ethically do with the domain? I would kind of prefer it going > to some org. that actually makes an effort in drying out domains used like > this; Does somebody have a suggestion/contact whom to ask? > > With best regards, > Tobias -- Henry Yen Aegis Information Systems, Inc. Senior Systems Programmer Hicksville, New York ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] What to do with a look-alike domain used in phishing
Thomas, shall we talk this through out of band - and you may post a summary later on, if you wish? Best, -C. -- Von meiner Hängematte aus gesendet. -Original Message- From: Tobias Fiebig via mailop To: mailop@mailop.org Sent: Mo., 18 Juli 2022 10:45 Subject: [mailop] What to do with a look-alike domain used in phishing Heho, ~a year ago I registered a (by then) unregistered look-alike domain for a major European hoster, as I was receiving rather good spear-phishing from it, and it was, well, unregistered. (The domain is hetzners.de ). I setup DMARC p=reject and SPF -all, and let it be. Now, the domain keeps sitting around; Thing is, that dereg would most likely lead to more spam falling out of the domain again (or it being actually registered by some spammer), which is rather not so nice to the Internet as a whole. The hoster is not interested in receiving it from me (free of charge etc.; Offered to just send them the authcode). Now, what can I ethically do with the domain? I would kind of prefer it going to some org. that actually makes an effort in drying out domains used like this; Does somebody have a suggestion/contact whom to ask? With best regards, Tobias ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
