North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Is the .to (Tonga) domain completely rogue and should beremoved?

  • From: Chris Josephes
  • Date: Wed Sep 30 17:04:15 1998

On Wed, 30 Sep 1998, Barry Shein wrote:
> 1. Performing traceroutes and other analyses seems to indicate that
> this domain is NOT being used for communication with entities
> legitimately located (legally, not only geographically) within the
> sovereignty of the Kingdom of Tonga, as intended.

Both ".to" and ".cc" are unusual cases.  At the June 98 Usenix Conf. John
Quarterman showed a graph representing country population and registered
hosts for the country's TLD.  Both ".to" and ".cc" were skewed because of
their outsourced registration practices.  The TLD ".nu" is probably pretty
high as well.

> 2. Clearly criminal and malicious activites are arising from sites to
> which Tonga has provided comfort and sanctuary.

I don't think a subdomain of ".to" would be considered "santuary".
If anything the country is really messing up their own Internet future due
to their lack of concern over what happens to their domain.

(Note: I've never tried this with a TLD before, so I'm not sure how
sendmail would interpret it).

> In support of this assertion I want to show you an SMTP conversation
> with what claims to be the Consulate of the Government of Tonga in San
> Francisco (This San Francisco office is listed as an official Tongan
> contact point for visas etc by the US State Dept):
> 
> world% telnet sfconsulate.gov.to 25
> Trying 209.24.51.169...
> Connected to sfconsulate.gov.to.
> Escape character is '^]'.
> 220 colo.to SMTP ready, Who are you gonna pretend to be today?
> VRFY postmaster
> 500 Bloody Amateur! Proper forging of mail requires recognizable SMTP commands!

Interesting responses, but you can hardly blame an admin for turning off
VRFY can you??

--                      _______________
 Chris Josephes      __/       MRNet   \
 [email protected]    __/ http://www.mr.net/
\________________/