It's also not effective in various situations. The bad behavior is not disabling abused domains, it's the method used to do it (by giving no answer instead of actively giving a negative answer). When a http client asks recursive resolver A for an A RR, and no response is received, the client will then go to recursive resolver B and make the very same query again, and possibly on to recursive resolver C. One of the secondary/tertiary recursive resolvers may hand the client a cached response that had been obtained before the registrar took any action. If instead recursive resolver A returned a NXDOMAIN, that would be the end of it, no new queries, the answer has returned name does not exist. The impact of the additional queries can be significant as well. -- -J On Sun, Nov 16, 2008 at 4:38 PM, Andrew Fried <andrew.fried@gmail.com> wrote:
Chances are if the domain has been sandboxed, it was because it was involved in some kind of phishing scheme, not spam. This is the typicaly way of mitigating fast flux botnets. So I don't agree with the assessment that this is bad behavior on the part of GoDaddy - to the contrary, they are acting quite responsibly.
AF