Christianto's Blog

Got My Domain Bonked for Setting an Email Service with It

One my domain almost get taken down by .us registry committee for spam that I didn’t do.

.US Registry Committee informing me the bonk they did to one of my domains, 2K19 Colorized — Image from Pokémon

I registered the domain for Yandex’s email service, because they give us free email plan for the first,… I think 1K account(?). Of course I only use this email for hosting some of my bot’s persona. I send nothing from this account, I only receive email notifications from GitHub and GitLab regarding my lovely bot accounts.

But one day, I got email from GitLab, stating that one of my domain’s verification has failed. After trying to update things from my DNS and doesn’t work, I contacted my Registrar to check things.

Verification has failed for one of your GitLab Pages custom domains! Project: (redacted) Domain: todoroki.direb.us Unless you take action, it will be disabled on 2019-09-18 08:15:01. Until then, you can view your content at https://todoroki.direb.us Please visit these instructions for more information about custom domain verification. If you no longer wish to use this domain with GitLab Pages, please remove it from your GitLab project and delete any related DNS records. Email from GitLab's System.
GitLab “domain verification failed” notification email for one of my domain.

The registrar come back with news:

Hello, Thank you for your email. Please be informed that the direb.us domain name has been placed on serverHold by the Neustar registry. Unfortunately, as a Registrar, we are not authorized to remove the Hold. Therefore, the domain was locked in our system with the corresponding notification indicated in your Namecheap account. We would like to note that the Neustar Registry accepts inquiries from the domain registrars only. However, it has come to our attention that the domain is currently blacklisted by the SURBL. Therefore, it is not possible for us to contact the registry on your behalf while the domain name is listed in the aforementioned blacklist. In order to monitor the reputation of your domain at SURBL and initiate the delisting process, please refer to the SURBL listing at http://www.surbl.org/surbl-analysis/ Additionally, it is highly recommended to contact your hosting provider to make sure the direb.us domain was not involved in any abusive activities and rectify any possible issues on their side. As soon as the domain name is delisted from the blacklist, please contact us in order to proceed with the serverHold removal process. Looking forward to your reply. Email from Andrey K. From Legal & Abuse Department at Namecheap.
The News.

Fun, isn’t it? You did nothing and yet suddenly a random organization blacklists your domain and your registry now hold your domain.

So, I contacted the Registry, confused for mistaking “Registrar” and “Registrant”, re-reads those term definition and email, yeeted Yandex from my whole system, contacted SURBL team, and then contact back to Namecheap, confirming that the blacklist has been lifted. Damn, the whole thing took me 3 days to resolve.

The moral story here is if your service have bad reputation, your domain might get suspended silently. I have no single idea how to not do this, besides check your domain regularly and monitor for your service’s spam policies.

chez14

, , , , ,