Registrar: A "Registrar" (or "Domain Name Registrar") is an organization that has control over the granting of domains within certain TLDs (top level domains, like the generic .com/.org/.net or country-specific .ca/.us/.mx etc).
In order to register a domain name, it is necessary to go through a registrar. The registrar's job is to create the domain name that has been requested by the customer (if it has not already been created by someone else), by passing on the registration information and the creation order to the registry of the TLD of the domain.
From that point on, the domain name's management (change of nameservers, whois information, or status) is carried out via the registrar.
As an example: If Mr. Smith wanted to register somedomain.com, he would first need to contact a registrar. Next, he would provide his contact information to the registrar and place his order. The registrar would then pass on the order request and whois details to Verisign for example (the registry for .com and .net domains). The domain would then be created and activated. In this case, Mr. Smith is called the registrant.
Registrars, spam and fraud
Registrars are only the administrative guardians of domain names, and do not contribute to the domain's use.
Do Registrars spam?
Registrars do not have any direct involvement or control over the content of a website or e-mail address that is made accessible via a domain name registered with them. This is because a registrar only manages the administrative aspects of domains, such as the name and telephone number of the registrant and contents.
Therefore, if you see in the whois data of a domain linked to spam, that the domain is registered at 'registrar X', it would be a mistake to accuse the registrar of being the spammer.
Do Registrars act against spam and fraud?
Fighting spam or fraud and domain name abuse is a delicate subject for registrars, because as mentioned above, they are engaged only in the administrative management of domains, and do not have any direct control or involvement over how a domain is used.
Consequently, registrars will often reply to complaints of spam or fraud by saying that they can not act.
For example, in April 2013 DOMAIN.COM writes:
My name is Zach I represent corporate support for Domain.com. First I would like to inform you that the account with the domain names you are contacting us about has been deleted. Furthermore we don't host the site. In order to get the site's taken down you must contact the host. Please let me know if you have any further questions.
Here is another registrar's example from February 2013:
We are just the Registrar. We do not host any content or provide bandwidth. If you wish to launch a concern about SPAM, you can try contacting the Internet Service Provider (ISP) or the upstream provider. They may have rules governing the use of their service. You can also try contacting the actual domain owners.
Another example from 2013:
I have taken a look into the domain and we are actually not providing the hosting services for the domain. We are the domain registration service provider. The web host and email service providers for this domain have the ability to shut down their website and email if they are involved in illegal activities.
NetEarth Group responds with:
Once we receive LEA and/or court instruction we will take down domains. A website at the end of the day is a visible worldwide, and thus it is in the jurisdiction of the registrant its enforceable.
While such replies seem discouraging, they simply reflect the current policy of the registrar towards spam or fraud, not how it (collectively as a company, or the employee replying to your complaint) may personally feel about the issue.
It is thus possible to encourage registrars to change their policy towards spam and fraud, by pointing out that by not taking action against domains that are being used for known criminal activity, they are in fact making a decision to provide support to the spammer and thus the crimes committed via that domain and person. Such crimes may range from pharmacy scams, to credit card fraud, to child pornography.
In order for a registrar to act against spam or fraud, it must therefore have in place a sales contract in which its customers must agree to not use the domains for illicit activities. The contract must also state that if the domain is used for such activity, the registrar can suspend it at will, with or without notice.
Even if that is not included in a contract, it is common in countries' laws for any business or person who assists a criminal to be liable for charges ranging from consorting with a criminal, aiding and abetting a crime, conspiracy to commit a crime etc. Once a registrar is aware that there is reason to believe that they have a contract to provide services to a criminal, they are legally bound to terminate both the contract and the service. If they fail to act, they may face the legal consequences according to the laws of their country or state.
Registrars and complaints
Different registrars will respond differently to complaints, depending on their sales policy, accreditation, and personal stand.
In all cases, if the whois information of a domain is invalid or based on a stolen identity, an ICANN-accredited registrar must act to suspend the domain, or be in violation of its sales contract with the registry of the domain's TLD.
This comment applies equally to spam and fraud.
If a registrar supports spamming activity, or has a current policy that does not allow it to act upon spam or fraud complaints, it will reply with a letter saying "we are not the host, and can therefore not act". In such cases, you should reply to the letter, stating the fact that the registrar is supporting criminal activity, and urge the registrar to change its policy.
Pro-spam registrars are easy to spot as they occur frequently when looking up the whois information of spammed and fraudulent domains, and are slow or unwilling to deal with complaints.
Current examples of registrars who have a poor record in dealing with criminal abuse are:
- 1API GmbH (Germany)
- DomainSilver aka Domain Silver Inc (Seychelles) - de-registered by the Polish CERT
- NAUNET (Russia)
- Bizcn (China)
This comment also applies equally to spam and fraud.
Registrars who act quickly and decisively to suspend domains promoted by spam and domains perpetrating fraud are less likely to be targeted for abuse. Criminals tend to move off to another registrar when their domains are suspended consistently.
Gandi SAS is an example of a registrar that in 2007 took a clear anti-spam and anti-phishing position (statement). Abuse complaints are acted upon immediately, and are given full attention. They are rarely seen as registrar for abused domains these days.
Current examples of registrars with excellent reputations for decisive policies against crime are
- PSI-USA aka InterNetX (Germany)
- TRUNKOZ TECHNOLOGIES
- NETLYNX INC.
- NAMESILO LLC
- NICS TELEKOMUNIKASYON TICARET
- RegistryGate GMBH (Germany)
- ABOVE.COM PTY LTD
- UNITED-DOMAINS AG
- GODADDY.COM, LLC
- InterNetworX Ltd
- LCN.COM LTD.
- MAILCLUB SAS
- INTERNET.BS CORP
- EURODNS S.A
- NEW DREAM NETWORK
- eNom Inc.
- 0101 INTERNET INC.
- DomainContext (USA/Russia)
- NetEarth One (UK)
- Arctic Names / PaylessDomains (Canada)
- Nordnet (France)
- Examples of registrar responses denying accountability were excerpts from actual e-mail correspondence.
- Examples of registrar performance were taken from the 2013 statistics published at InBoxRevenge Eva Pharmacy campaign results, 2012/2013 and Registrars - Rogues and Champions
- Registrar lists Internic listing
- Registrar details ICANN Accredited registrar listing