Don’t Ignore ICANN Notices

Recently a client of mine had her website go down.  She called on a Saturday morning, frantic and confused.  She thought I had taken the site down, since she had just launched a brand new one.  I hadn’t touched it.  But it was an older out-dated site, so I checked to make sure it hadn’t been hacked. Sure enough, the site was down.  I checked and the server was running fine,  All the files were still there and hadn’t been changed. Naturally, I checked the Domain, thinking she must have let it expire by accident.  But it wasn’t expired.  In fact it had more than a year left until it would need renewal.  The domain status was “ClientHold.”  I was stumped, so I shot off a support request to my hosting company asking if they had any idea. I had an out of town conference to attend, so I told the client  to call the company she had registered the the domain through.

Later that afternoon she contacted me and said that after 3 hours on the phone with their customer support, they finally figured out that she hadn’t responded to their email asking her to confirm the ICANN required contact info.  She ripped them a new one, saying she han’t received such an email (nevermind that she was using an old email address that she almost never checked on her domain registration.  Eventually, she was able to convince them that she was indeed the registrant of record and they updated her status, and presto her site was back online… late the next morning.

Meanwhile, my hosting guys took one look at the domain status and said the ICANN info was out of date.

Bottom line: Always make sure you use a current email address with your domain registration, and update it when you change that address.  There’s really no need for this kind of thing to happen.

There’s some good reasons why ICANN insists on current contact info.  ICANN says it’s for “Transparency” but nobody really seems to know that that means. Without confirmation, spammers/phishers/malware suppliers/scammers/identity thieves can register a domain using fake contact info and then use the domain for nefarious purposes without fear of anyone finding out who they are.  Clearly that’s been going on for a very long time. With these new regulations, failure to provide presumably legitimate contact info. will result in the domain going down in 15 days.  Sure it’s not that hard to set up a fake online persona, but it’s one more step the bad guys have to take, and if they screw up, they’ll lose their domains or get caught  (presumably).

Also, there’s probably a lot of domains out there tied up with old contact info, so until they expire, nobody would be able to put them to new (presumably good) use.  This speeds up that process.

I feel so much safer knowing that if Terrorist Drug Dealing Identity Thieves take over my website, the authorities, after a lot of red tape, will be able to send them an email telling them to please stop.