Mac Musings

Learning From the MacSlash Fiasco

Daniel Knight - 2002.06.03 -

Last week MacSlash disappeared. Zap. Gone.

What happened, and why didn't some people notice?

Domain Name Registration

It used to be that everyone registered domains through the same organization here in the States, but that changed 2-3 years ago. Now there are dozens of domain registrars.

When you sign up with a registrar, you provide them with your name, address, phone number, and email address so they can contact you about renewals and other administrative concerns.

It used to be that all email on the Internet was legitimate, so nobody had to worry about filtering spam. That changed some years back, and today many ISPs and email services filter out spam automatically.

The better services are very careful to avoid filtering legitimate email while black holing as much spam as possible. And the best services let their clients know they're filtering.

Apple's Role

A less than a month ago, it came to light that Apple was filtering spam in the domain (see MacInTouch Reader Report), which gave most Mac users one more reason to use Apple's free email service. Or so we thought.

It appears that Apple has been a bit overzealous in filtering junk email. When MacSlash's registrar sent email renewal notices to MacSlash at their email address, the messages were apparently seen as unsolicited commercial email and discarded.

That's right - legitimate business-related email from a legitimate business to a user of Apple's free email service was simply thrown away. The guys as MacSlash never received the one month, 15 day, next day, and other email warning that their domain was about to expire.

And we haven't even talked about the occasional service outages at

Was It Spam?

As one person noted on MacSlash, all domain registrars seem to send out lots of unsolicited commercial email (spam) in search of new customers. They have free access to the whois database - would we expect them not to use it to further their business?

The way blacklisting works isn't on an email by email basis. Once a server is known to generate or relay spam, it's blacklisted. Once it's blacklisted, any email going through that server is suspect and will be treated as spam - even legitimate email such as domain renewal notices.

Apple has a right to filter spam, and maybe even an obligation to do so. In that case, the various registrars need to find a better marketing model, one that won't result in legitimate email being lumped together with their marketing spams. It's poor business to relay spam, let alone generate it yourself and risk having legitimate business correspondence vanish into the ether.

The Registrar's Role

Regardless of email delivery problems, every registrar asks for a snail mail address and phone number (and probably fax as well), so you've got to wonder why they apparently made no use of these methods to communicate the imminent expiration of the domain.

Further, is appears that they immediately released the domain when it expired (although I could be wrong), making it possible for someone else to buy and register the domain on May 28.

The Domain Owner's Role

Several people have posted on Slashdot, MacSlash, and other sites to criticize Ben Stanfield (akaben) for not knowing when the domain was going to expire. They raise a good point - in this day and age, you will receive email and snail mail from several registrars who want your business when your domain is up for renewal.

That said, you would definitely assume that your own chosen registrar would take the time to contact you before expiration, so most webmasters would simply throw all those other renewal notices in the trash.

Further, like a lot of us, the folks who run MacSlash aren't running a full-time business, probably keep better track of their site than their paperwork, and have a hard time keeping the site up and running, let alone worrying about their registrar not being able to contact them at a email address.

Still, with the number of information managers available today, it's a good idea to find out when your domain is set to expire and set up some sort of reminder system so you can avoid what happened to MacSlash.

The Role of Dotster

There are a lot of domain registrars to choose from, and I'm sure Dotster isn't the only the make it easy for users to "preregister" existing domains and buy them the moment they expire. And that's precisely Dotster's role in the MacSlash fiasco; nothing more, nothing less.

I agree with those who consider this "bottom feeding" behavior. I'd like to see ICANN, the Internet Corporation for Assigned Names and Numbers, set up some enforceable guidelines regarding domain expiration, release, transfer, and reuse. Here are some suggestions:

ICANN already has an appeals process for hijacked and trademarked domains. Providing a little more peace of mind for domain owners would be a logical extension of what they are already doing.

The Role of Vicente Peiro Crespo

On May 28, Vicente Peiro Crespo of Valencia, Spain, acquired ownership of the expired domain via the "preregistration" service offered by Dotster. I'm sure he's received more than his share of emails about the issue, and I hope he will agree to return the domain to its original owners.

How should we view his actions? Is Crespo a domain pirate or has he been falsely maligned?

First, Crespo made a conscious decision to "preregister" the domain. He knew the domain existed, and we can assume that he also knew it was in use.

Second, once Crespo acquired the domain, he immediately redirected it to a Dotster page. If he had been a good Samaritan intending to return the domain to MacSlash, he would not have redirected the DNS entries.

Third, the redirect page included a host of links to Mac-related businesses, probably affiliate programs Crespo had signed up for. We should assume that these ads indicate he had a commercial interest in the domain.

In the final analysis, Vicente Peiro Crespo acted willfully to take over an existing domain, redirect it, and profit from doing so. I think the "domain pirate" label fits.

Why You May Not Have Noticed

The Internet is a peculiar place. You can connect to any server in a matter of seconds, but it can take days for a new DNS record to propagate throughout the world. (The DNS record tells your computer what IP address is at.)

Because of this, for up to three days some users were able to access the old site, and others were redirected to Crespo's page on Dotster almost immediately. Likewise, it may take up to three days before everyone on the Internet can access MacSlash at their new domain.

Where Do We Go From Here?

After posting a link to this story on and emailing members of my busier mailing lists, my next thought was to my own domains. I don't want this happening to,, or any of the other domains I'm using or have plans for.

Thanks to generous donations from dozens of LEM fans over the past weeks, I was able to renew for 5 years at $47.50 on Saturday (via AIT Domains, the registrar I use for all my sites). I also renewed,, and some others for one or more years.

I have a few domains expiring in September, and I have plans for two of them. The third,, was to become the CobWeb Banner Xchange, but I never had the time to develop it. That domain will be allowed to lapse, as will (on July 12).

The rest of my domains are covered until at least January 2003, and is paid up through August 5, 2007. That's peace of mind.

In the end, the best protection is keeping your domain registered. Don't let it expire. Pay up several years in advance if you can afford it. (AIT Domains has very reasonable prices and good service, which is why I moved all my domains to their registry.) Cover your assets.

If it hadn't hit so close to home, we might have labeled this tragedy a comedy of errors, but between, two registrars, and a domain pirate, those errors completely disabled a Web-based business for several days.

Don't let your site disappear because you neglected to renew your domain.