DNS Hosting Policies? 12
Cheeze asks: "What do other administrators do about domain registering? Where I work, we require to either be the administrative or technical contact for the domain. Before this policy was implemented, we had no way of knowing if we were the authoritative DNS for our DNS customers. Sure, we can probe whois every day, looking up every single domain, but that puts a heavy load on their servers and what usually ended up happening is there would be about 20% false DNS entries, causing our customer's grief. What do other companies do in this situation? Is that a common practice?" What other (or alternative) policies do DNS hosting services implement that you all like. Are there policies in place at some DNS hosting services that you think are unfair? Why?
"Our reasons behind implementing this practice :
- Increased security - you can turn off the spammers when they violate your terms of service.
- When they try to change domain name servers with their registrar, an e-mail is usually sent to the administrative and technical contacts. This is a good notification that you just lost a customer and can take the record out of your DNS.
- You can hold the domain for ransom when/if the customer does not want to pay their bill (evil, but sometimes necessary)."
A necessary hassle these days (Score:1)
The ISP I work for is in the process of implementing a policy like this. We haven't done this in the past due to the hassle factor, but people are registering domain names, forgetting their passwords and then yelling at us when we can't change their name servers.
Also, there have been a few cases where we got burned on web design where we created the site and didn't get paid. If we had their domain we would have. Evil? Yes. But then so is stealing someone's time and work.
ChrisNominum Global Name Service? (Score:1)
At this point, I wouldn't consider doing anything without checking with Nominum [nominum.com] (the company responsible for writing and maintaining BIND version 9).
These guys offer a service whereby they provide either primary or secondary nameservice for your domain, across their distributed cluster of redundant, fault-tolerant servers. Heck, the secondary service is even free (in all the various senses of the word).
I just wish they had a Dynamic DNS service, so that we could all kiss DynDNS.org [dyndns.org] and GraniteCanyon.com [granitecanyon.com] farewell for their incredibly crappy service.
--
Brad Knowles
Ransom? I don't think so. (Score:1)
Why? (Score:1)
What am I missing?
Re:Nominum Global Name Service? (Score:1)
What we do (Score:1)
Re:What we do (more) (Score:1)
What we do.. (Score:1)
Administrative contact should be the customer - this is who actually owns the domain. If the customer owns it, they should be the Admin contact.
The reason that you are the Technical contact is so that you can make changes. If you change your DNS servers (add/remove/replace one) you should be updating the DNS record - it's your job, not the customer's.
But more about your reasons:
1.Increased security - you can turn off the spammers when they violate your terms of service.
This is crap. If they violate the TOS, you just drop the zone. It's faster (root server changes happen every 12 hours - '/usr/sbin/ndc reload' is _MUCH_ faster.), and you don't need to screw around with a third party.
2.When they try to change domain name servers with their registrar, an e-mail is usually sent to the administrative and technical contacts. This is a good notification that you just lost a customer and can take the record out of your DNS.
This isn't really an issue either. First, you should contact a customer before deactivating their zones (DNS hijacking, anyone?) Second, if a customer were to change service providers and not tell you, then it's their domain that's screwed. It's their responsibility to notify you; you shouldn't need to keep checking.
3.You can hold the domain for ransom when/if the customer does not want to pay their bill (evil, but sometimes necessary).
I don't think this is necessary at all. If they're not gonna pay you, pissing them off probably won't help the situation. If the domain is part of a trademark (or the domain is registered in their name), they can just go to Network Solutions and get it yanked anyway.. but even then, holding the domain for 'ransom' is an act of bad faith - if they're inclined, they could probably sue you. (And the fact that they owe you money will probably be overlooked by a judge, unless your contract explicitly states that you can do this - where I live, once you've extended them credit, you can't hold their property without prior written consent.)
Yes, you should be the Tech contact for all domains you host, so that you can make changes to the domain, not for the reasons you listed.
Re:Nominum Global Name Service? (Score:2)
Re:Nominum Global Name Service? (Score:1)
Re:Nominum Global Name Service? (Score:1)
Re:What we do.. (Score:1)
2. i currently run a name server that does dns for about 650 domains. we do dnsing for free if we host your web site. more often than you would expect, people try to abuse this and send in a request to stop web hosting, and then a dns change. this equates to free dns hosting. any profitable company is not into giving away services for free with zero return.
3. if the customer does not pay their bill, they can just switch to a different providor. this does not mean you will ever see your money. they are more inclined to pay if you hold the domain hostage while they figure out that your company has been slighted.
that would be a great lawsuit. if you take your car in to get it fixed, and you don't pay the repair people, what happens? they keep your car until you pay. you cannot expect to just walk up there and take it from them. it becomes collateral at that point.
dns/web/mail hosting is a big business. there is almost no recourse for the people that abuse it. what good is a court if you are slighted a mere $50? of course, if 100 people slight you, that's $5k you didn't make that year because of your own policies. what a waste.