Internet domain name host - your advice and experiences?

And that is the point of my question, and a heads up for anyone considering getting their own domain for the purpose of email. These newer generic names are not as yet in common use, and those who are originating emails using such names are in my experience almost always spammers.
I do not want to see anything from them.
Yes, I am posting on a .community domain website, but emails that come from it are via choice.com.au. I also trust it as it is TLS secured.


 and that is fine for you. Your mail client, your choice.

The problem is that your provider should not be blocking all new gTLDs by default - because that is imposing a choice on not only all of your provider’s customers but also on anyone else who would choose to use a new gTLD - and I know for a fact that this is causing problems for people sending legitimate email.

So mail providers just have to stop already.

I don’t suppose you want to name your provider.

You may be right but that doesn’t make a lot of sense. The essence of successfully sending spam is slipping it through undetected. Right? Not standing out from the crowd.

Imagine if all senders of spam used a sending address with a domain ending in .spam - do you think that they would be successful at getting a single email through after a week?

Yep. No point adding to the challenge. Probably best to stick to .com

1 Like

Happy to. Internode.
My personal email is provided by them as they have been my ISP/RSP for many years now.
I do not use an email client, and use their Webmail application.

Now I have a number of email addresses.

Each one can be set at a spam detection level that will use Internode’s algorithm to deliver emails to me, or put it into a hold box. I can check that hold box anytime, or each week I get a report to tell me what is there. Up to me whether I accept or not.
However, I have a very low setting there so almost everything is sent through to my own personal filters as the second level. Again, rules are specific to each email address.
At the moment everything that comes from .icu, .info, .biz domains and a few others get automatically ‘vanished’. Never see them. They do not go into any folder, like a ‘spam’ folder.

1 Like

.com, .org, .net, .com.au, .net.au, .bike, .family :slight_smile:

Indeed. If they were able to block/filter per client as per the client’s wishes that might be one thing, but to unilaterally block based on arbitrary tld, not cricket.

4 Likes

a net tragic?

3 Likes

Yeah probably. In the early days it was good to snap names up - I have a couple of favourites and a more recent one I grabbed when it expired and started getting all sorts of interesting mail. Never been contacted by the previous owner, so who knows 
 but I gained a heap of friends on facebook and twitter on accounts I never knew I had. Closed them down accordingly. I had a legitimate class B assignment in the 90’s which I donated to a local entity 
 but we digress.

A belated thanks for the reference. Not quite what I want 
 looks interesting. It’s an old case of what I want I don’t really want to pay for, and what I’m prepared to pay for doesn’t give what I (think I) want. In times gone by I had an excess IBM full height 19" rack in the lounge room with a Liebert UPS (and expansion chassis full of batteries) and a number of servers running my hidden primary DNS and mail and web servers among other things. The free Google Apps and what it has morphed to (yes I know, “free” - I get it) has served me well, and my integration to the Google borg has been extensive and not of real concern to me - I believe the ancient concept of ‘privacy’ is just that 


There’s a little more time before the Google ultimatum hits, will see where that leads.

3 Likes

.cricket?

Oh dear - I see from the list that there are quite a few companies with their own TLDs. I thought the rules were going to strictly exclude commercial entities - but apparently the number of TLDs for organisations come second only to those for countries.

What companies have their own TLDs? None that I have ever heard of.

From the list (and I have had to search for a quite few of these):

  • Abarth
  • Abbott (health care company)
  • AbbVie
  • ABC (American Broadcasting Companies, Inc.)
  • Accenture
  • AEG
  • Aetna (life insurance company)
  • afamilycompany (Johnson & Johnson)

And that’s not even to the end of A - it excludes .amazon, .americanexpress, .amex, .audi, .auspost (!), .commbank (!), and on and on. I also apparently missed .able, but it is also missing from the Wikipedia list of brand-level TLDs. (The two lists do not fully align.)

1 Like

Not my understanding of a top level domain, which are ccTLDs and gTLDs.
The entries you quote are registered in the highest level Domain Name System servers. The purpose of which is to translate a name into a fixed assigned global IP address.
The companies have their primary IP address registered with IANA.

In other words, they own an IP address, not a gTLD.

No, they are not gTLDs - but they are TLDs and are recognised as such by IANA in the same way as .au is a ccTLD. Your DNS provider should route to any of the domains on the list as long as the address you entered is correct.

(Actually IANA appears to list most as generic, which is incorrect.)

No idea why a lot of those entries are doing in the root DNS system.
I tried to find commbank and www.commbank for instance on the net to no avail. Not even an alias that pointed to commbank.com or commbank.com.au.
It doesn’t even appear to be there to stop anyone else using commbank as a part of a DNS name.
I found commbank.biz on the net which sent me to a bitcoin scam site using George Colombaris as the selling star.
commbank.icu sent me off to a fledgling site that appears to be temporarily unable to do whatever neffarious activity they would like to do.

Prevent cyber-squatting, at a guess - as well as open up possibilities for the future? It may also be used as the domain for phone apps, or for other systems that are not clearly public facing.

1 Like

How did you try that?

If you are using nslookup it won’t work unless either they are actually using the domain or you ask the right question.

The right way is whois commbank and that will give you, in fact, their name server info e.g. IPv4 and IPv6 addresses for 4 DNS servers for that domain.

nslookup for this domain will give you only network administrative type DNS records i.e. it looks as if they aren’t currently doing much with the domain e.g. no web, no email.

Edit: Just for a laugh, it looks as if you can send email to whatever@www.commbank

Also may be helpful to combat a known attack where the attacker relies on truncation of very long domain names for the purposes of display e.g. attacker registers www42.commbank.com.au.randomnasty.com
and if the client displays only the leftmost portion of the domain name then the user could think that he or she is visiting www42.commbank.com.au and the certificate will be 100% valid.

If a bank can use just exactly commbank as the domain name then they may be able to train user interface designers that any truncation of the displayed domain name is automatically worthy of highlighting for security purposes.

If the root domain disallows Internationalized Domain Names (IDNs) then this might also help to defend against IDN homograph attacks e.g. where someone registers a TLD of commbank but where the o in commbank is replaced by e.g. a Greek omicron (which to the casual observer will look identical). However unfortunately the root domain has allowed IDNs.

2 Likes

As there are only a few thousand entries in the root DNS server files, and there are over three hundred million domains registered around the world, the job of these root DNS servers is to just point DNS resolution requests to the appropriate second and third level servers.

The TLD in an address is what is in rightmost part after the rightmost period character.

The first check is does it match a ccTLD entry. Yes, send the resolution request off to the server(s) identified in root server entries. eg .au it is off to Australian DNS servers.

No match, check if the TLD matches one of the gTLD entries in the root servers and then send the resolution request off to the server(s) associated with that. eg .com it is off to Verisign servers.

Still no match then use whatever is left in entries and try to resolve to an IP address.

In the case of ‘commbank’, there is an entry and detail one can see with ‘whois’, but best of luck trying to resolve that to an IP address using ‘nslookup’ or indeed browser search.

Never been a customer of VentraIP, but had cause recently to contact their abuse team due to some bad-faith domain registrations and web sites that were being used to host harassing content. Almost completely unresponsive, and when they did eventually respond were completely dismissive.

2 Likes

Hi @R345,

First up, email address portability won’t happen. Can’t. The way it’s designed, there’s no way to take user@domain.com and have that email go to a server that isn’t designated as the mail server for that domain.

With that in mind, your idea of buying a personal domain is a good one! Your first choice is that of which registrar you want to use. I’m a fan of Cloudflare, as they don’t actually charge a markup on the domains they register. However, Cloudflare is primarily providing DNS hosting and denial-of-service attack mitigation services, and you do need to know what you’re doing to then get email up and running. It’s not difficult, but there is a learning curve.

Regardless of choice of registrar, you then need to select a service to actually host your email. To my mind, some of the key questions to consider are:

  • How many accounts do you need? Is it simply for yourself, or would you want to give members of your family or friends accounts as well?
  • How much mail storage do you need?
  • Do you want other services such as an address book, calendar, etc?

Most services charge by the number of accounts (typically, $x per account per month). You’ll usually also pay more if you need more storage.

Personally, I use Fastmail. They do not have a free option, but their prices aren’t crazy, and they care about the privacy of their customers - no advertising or tracking. If you’re a 1Password user they have a neat integration to create masked email addresses automatically.

If you’re an Apple user, and have any subscription that includes iCloud+, you can now bring your own domain to iCloud mail. Users in your family sharing group can also make use of your domain if you so allow.

Another option to consider is Migadu. Migadu charges by the total storage used, not by the number of accounts, so may be a good option if you want to give addresses in your domain to other people. I haven’t personally used it, so can’t speak to the quality of the service.

Keep us all updated on your journey!

2 Likes