Exile From the Herd - via easyDNS blog

easyURL adds "FEDEX" tracking widget

nospam@example.com (easyDNS: of Interest) — Thu, 06 Mar 2008 15:08:39 -0500

Trivial but handy: I found myself having to email out some Fedex tracking ID's today, so I thought what would make it easy would be a way to create a redirect to the Fedex tracking page for that ID without having to visit a URL shortener site to create the redirect.

That's the core idea behind the "URL Widgets" or "Redirect Widgets" of easyURL, which are described here We also have them setup for Amazon products, domain lookups (surprise), Wikipedia pages and RFC's.

How to use your own domain name with Google Apps

nospam@example.com (easyDNS: Tips and Tricks) — Sun, 02 Mar 2008 18:40:09 -0500

Many Ayromlou does it again, publishing another step-by-step tutorial, complete with screen shots on how to use your own domain name on easyDNS with Google Apps..

easyDNS announces Guaranteed Lookup Privacy for easyWHOiS.com

nospam@example.com (easyDNS: of Interest) — Tue, 23 Oct 2007 15:45:33 -0400

In light of the recent ICANN advisory on domain lookup frontrunning we've made the guarantee that your domain lookups on easyWhois have and always will be, private.

What is domain lookup front running? It is when an unscrupulous operator between you and a domain lookup tool, such as a whois lookup website, perhaps even the site operators themselves, monitor your domain name searches and then go and grab some of the available domain names you search on before you get the chance to.

I never thought anybody would be so brazen, but silly me, I once again underestimated the widespread use of sleazeball tactics on the internet.

You can read the easyDNS press release on the subject and our new Guaranteed Lookup Privacy Policy at easyWhois. We've also added SSL encryption to easyWHOiS to eliminate the possibility of queries being eavesdropped.

Don't forget to vote in the CIRA Board elections

nospam@example.com (easyDNS: of Interest) — Tue, 11 Sep 2007 10:52:16 -0400

I just finished voting in the Canadian Internet Registration Authority Board of Directors election. This year's election is the first under the new election process and reformed membership structure that was ushered in last year at the special member's meeting in Toronto.

I have mixed feelings about the new membership reform, having spent a good deal of my term on the Board working on it and finally seeing it get ratified by the membership shortly after the end of my stint. I found the re-authorization process of the membership confusing. If I found it confusing, having been in the belly of the beast so to speak, it must have been utterly unfathomable to a lot of casual .CA domain holders. I think 90% of .CA domain holders don't even really understand who CIRA is or why they consistantly get cryptic emails from them telling them to authorize this, confirm that, verify your id ("your papersss pleasss").

Continue reading "Don't forget to vote in the CIRA Board elections"

easyURL enables bookmarking and tagging with openid

nospam@example.com (easyDNS: of Interest) — Thu, 16 Aug 2007 14:00:46 -0400

You probably didn't know we operated a URL shortening service at easyURL.net, which has some nice features like being able to create your own short label for a shortened URL and tracking of access stats.

After awhile I noticed that I was also using it as a pseudo-bookmarking mechanism, but of course it required that I actually remember the shortened URL. So we went ahead and added bookmarking and tagging to easyURL.net.

The bookmarking features are accessible via OpenID tokens because we're finding people are getting less and less interested in creating a new account on every site they use. For people without OpenID, you can always use a site like del.icio.us, for those with, use this.

How to use your domain name with blogger

nospam@example.com (easyDNS: Tips and Tricks) — Thu, 31 May 2007 20:52:35 -0400

Title says it all, easyDNS member Many Ayromlou wrote a clear step-by-step mini-howto today explaining the procedure to get your domain name registered through us working with your blogger.com blog:

http://www.nerdlogger.com/2007/05/how-to-use-custom-dns-name-with-blogger.html

My only comment is Step 6 shouldn't be a few hours' wait, not unless you've already typed your domain name into your browser before you do this and now your local ISP's nameservers have cached your old IP.

But thanks to Many, I'm sure a lot of bloggers interested on using their own domain name with blogger.com will reference this.

Four essential components of Search Engine Optimization

nospam@example.com (easyDNS: Tips and Tricks) — Wed, 06 Dec 2006 13:02:39 -0500

I've been helping a longtime customer debug getting his website setup with a google sitemap and stealth redirection and he asked me in more general terms if I had any advice for him around search engine optimization.

Here are four essential "must have's" for SEO. Three you can do right now, the fourth is not under your control as much. Before embarking on a concentrated SEO campaign, be sure the first three are in place.

Continue reading "Four essential components of Search Engine Optimization"

CIRA Board Elections On Now, Please Vote

nospam@example.com (easyDNS: of Interest) — Mon, 18 Sep 2006 16:11:42 -0400

During my 3-year tenure on the CIRA Board, I got the opportunity to travel across the country. Whenever we held a public forum anywhere in Canada, the turnout was usually quite high and the participants informed and enthusiastic.

Then near the end of every open forum I made it a habit to ask the attendees the following question: "How many people here voted in the last election?" and the silence was usually deafening. Less than 10 hands would go up every time, guaranteed.

So why the disconnect between getting live bodies out to an actual event and getting stakeholders to click a few buttons through their web browser?

Given the discontent I've seen among netizens over some gTLD issues with .COM (remember sitefinder?) and ICANN oversight, CIRA has set the standard for accessibility and stakeholder guidance for .CA. People should be seizing these opportunities and making their views known and voting.

Running country code top level domain registries carry unique challenges and require industry experience balanced with a sense of stewardship. .CA is after all a "key public resource" and the kind of people I want on the Board are those that take that stewardship capacity seriously.

This year I'm voting for the following member nominees:

Paul Andersen https://elections.cira.ca/2006/finalslate/show/44/en
Clyde Beattie https://elections.cira.ca/2006/finalslate/show/22/en
Ross Rader https://elections.cira.ca/2006/finalslate/show/35/en

And from nomination committee I'm voting for:

Raymond Benoit https://elections.cira.ca/2006/finalslate/show/13/en
Bill Reid https://elections.cira.ca/2006/finalslate/show/12/en
Jeff Ryback https://elections.cira.ca/2006/finalslate/show/10/en

I encourage all .CA domain holders who are CIRA members to vote now.

Want to reduce email spam to your mail server? Stop using backup spooling

nospam@example.com (easyDNS: Tips and Tricks) — Tue, 27 Jun 2006 16:33:57 -0400

It is with regret that we have come to the following conclusion, but here it is: Offsite backup SMTP spoolers and backup mail exchangers have become worse than useless

The problem is spam and the software that delivers it exploiting the weak authentication schemes inherent in the SMTP protocol itself. It used to be an annoyance, then it became a concern, it is now an epidemic and has resulted in the death of the offsite backup MX handler.

What happens is this: spammers try "dictionary attacks" on target domain names, trying to deliver email messages at random usernames at the target domain. The primary mailserver knows which usernames are valid and rejects the rest. The offsite backup MX spooler doesn't know what usernames are valid and what are junk, so it just forwards everything it receives for a domain it is spooling for to the primary MX handler.

Spammers and other malicious parties know this, so they may not even bother trying the primary MX at all, they'll just throw everything at the backup mail spooler which dutifully forwards it all (or tries to) to the primary. It is a dead-easy method of launching a Denial-Of-Service attack as well.

So it is with a heavy heart we have to admit that any utility of having an offsite backup MX handler is in most cases far outweighed by the advantages it hands to spammers and other miscreants.

The good news is this: without a backup mail spooler defined for your domain, originating mail servers simply queue the mail locally for a later retry. So owing to the design of the SMTP protocol, you do not really lose any redundancy when you remove a backup MX spooler from your DNS settings. But you probably cut down on the amount of spam your domain receives through the back door that is the backup MX spooler.

Seeking beta users for easySMTP: outbound mail service

nospam@example.com (easyDNS: of Interest) — Thu, 20 Apr 2006 11:41:21 -0400

We have been testing our outbound mail service (codenamed "easySMTP™") and it looks good. It supports TLS and listens on numerous alternative ports.

easySMTP outbound mail service will be bundled with DNS-plus packages at no extra cost.

We are now accepting beta users for this service. If you would like to be a beta user and are currently subscribed with DNS-plus service, please contact support with your username and we will enable this feature for your account.

Many of us here at the office have been using this from home and it works great, so we anticipate a short beta period and a quick promotion to "production" status, at which point it will be available to all DNS-plus domains.

Details on the easySMTP outbound mail service can be viewed here

MyPrivacy upgrades and new features

nospam@example.com (easyDNS: of Interest) — Mon, 06 Feb 2006 08:31:01 -0500

The MyPrivacy.ca whois-record-spamguard system has been upgraded to new hardware and now supports personalized whitelists.

This means individual users can add their own whitelists, either email based or hostname based, which opens myprivacy.ca up to much more flexibility beyond protecting your whois records.

An myprivacy.ca accounts are still free.

Does your business advertise via PPC? Then stop paying for spammed clicks

nospam@example.com (easyDNS: of Interest) — Mon, 19 Sep 2005 11:45:42 -0400

One hears many complaints about Technorati's blog search engine, that all it does it return "useless" blogspam search results. Is this a sign of a "bad" search engine or is it indicative of a deeper problem within the blogosphere itself, that it's riddled with blogspam and automatically generated scraper sites? (Blogger is particularly bad because of its "export" feature. Spammers can export their entire blog to a remote server, thus scraper sites can distribute themselves over multiple IP addresses and keyword stuffed domain names and leverage the resulting linkpop into search engine results).

I've been noticing my technorati search for easyDNS almost always turns up more blog spam than anything else, i.e.

http://www.dnshostingpro.info/dns-hosting/dns+hosting.html

"Today's DNS Hosting Article" is a joke, it looks like the ad copy from ours and our competitors' Adwords campaigns being scraped out and simply concatenatated into an keyword stuffed blob of crap with a Google Adsense block running over it. So those of us buying keywords via Google are paying for these ads on these scraper sites and something tells me those clicks are garbage traffic.

Last night I remembered that you can now click on the "Ads By Gooooooogle" link in the corner of the Adsense block and report a policy violation, which I am now doing. I report that as a paying Adwords advertiser I'm not impressed seeing my keywords scraped and recycled into blogspam, only to pay for the priviledge of having my own ads run on them.

I think anybody buying Adwords should think about doing this. It only takes a minute: Subscribe to your own company name via Technorati's blog search and then complain about the blog spam you find scraping your ads.

You'll be doing yourself and the blogosphere a service.

Widespread PHP vulnerability in XML-RPC

nospam@example.com (easyDNS: of Interest) — Wed, 06 Jul 2005 14:58:00 -0400

I didn't bother mentioning the new PHP XML-RPC vulnerability to somebody yesterday, assuming they already knew. Alas, they got burned by it so I'm making it a point to mention these things in a widespread generic sense from now on.

As such: if you are running PHP content management systems like blogs, postnuke or anything that uses PEAR XML_RPC <= 1.3.0, you need to drop what you are doing, login as root, and run


pear upgrade XML_RPC

right now. See the PHP website for details.