News / January 2008

Tucows Announces Enhancement to the Tucows Email Service

Provides Existing Email Providers an Effective Tool in the Battle Against Spam

TORONTO, Jan. 31, 2008 – Tucows Inc., (AMEX:TCX, TSX:TC) a leading provider of Internet services to web hosting companies and ISPs worldwide, today announced the availability of a powerful solution to the global problem of spam. The Tucows Email Service now offers providers the option of using the spam and virus filtering portion of the service in conjunction with their current email infrastructure. The Tucows Email Service will continue to be available as a fully-hosted email service for those looking for a complete end-to-end email solution.
Continue reading

Spam Filtering That Just Works

Today, spam filtering is a must, not an option. By some estimates, as much as 90% of mail sent is spam. The filtering that’s included in the Tucows Email Service provides effective protection for users against spam and viruses.

Spam fighting cowStarting today resellers can provision what we call “filter only” accounts inside the Tucows Email Service. Cutting to the chase, the net result is that email is sent through our filtering system, spam is redirected to a quarantine, and only the legitimate mail is then directed on to our customer’s email server.

Last fall at ISPCON in San Jose, CA, I had the opportunity to give a presentation about our experiences running Tucows Email Service. I called it “Email Nightmares: Tales from the Edge” and in that talk I showed some of the pain points that email providers run into when managing messaging services. One of the most challenging aspects I called out was managing spam.

That’s all well and good, but some email providers aren’t ready, or don’t want to move to a fully-hosted email service right now. So we came up with an alternative that allows us to provide that same level of spam and virus protection, while allowing providers to continue to use their own email infrastructure.

The benefits are threefold:

  1. You’ll sleep better at night: you can focus on running your email servers, without having to worry about things like spam filters, or blacklists.
  2. Your servers will thank you: nine out of ten messages is spam, and we’re taking care of that before you have to. As a result, your server loads drop significantly.
  3. We’ve got your back: Tucows has a dedicated Abuse Team that is actively engaged in the battle against spam. We have experience managing abuse and we’ve forged strong relationships in the industry through organizations like the Messaging Anti-Abuse Working Group (MAAWG).

Our Tucows Email Service is built for ISPs and hosting companies. The goal with this filtering only option was to provide effective filtering for our customers that ‘just works’. Resellers have the option to provide a web-based spam quarantine where users can review email flagged as spam, and manage safe- and blocked sender lists.

Our Services website has more information including a screencast demonstrating the web-based spam quarantine.

ICANN Proposed Tasting Fee a Good First Step

Earlier this week, the ICANN Board recommended making the ICANN fee of $0.20 per domain year non-refundable. Previously, that fee was refundable if the domain was deleted within the five day Add Grace Period (AGP).

Around the same time, Google announced it would drop names consistently added and deleted during the AGP from its AdSense program, making it far more difficult to profit from ads served on those domain names.

icann.jpgWe think ICANN’s resolution to introduce a fee is a good first step, but we don’t believe it goes far enough; some tasters will look at a nominal $0.20 fee as a cost of doing business. Add Grace Period abuse could be further diminished or eliminated by substantially shortening the AGP period to 12 hours or less. This would let registrants correct ‘true’ mistakes like spelling errors (which is what the AGP was originally intended for), while significantly curbing the practice of tasting at the same time.

For those of you who aren’t aware of what tasting is, here’s a quick overview: Generic Top Level Domains (also known as ‘gTLDs’) support what is known as an ‘Add Grace Period’ (AGP). Originally designed to correct domain name registration errors like typos and such, the AGP allows registrars to delete any names they register within five days, and receive a full refund.

Over the past several years the AGP has been used largely for profit instead of correcting mistakes. Some registrars register names en masse, display ads on them, measure their traffic, and then see which ones might be profitable to keep. The rest are deleted before the end of the grace period. How many names are deleted? According to an ICANN report, 94% of all .com registrations in January 2007 were deleted. Some registrars even re-register and delete the names over and over, allowing them to essentially keep the names for free.

The result of this practice is short-term trademark infringement, consumer confusion as sites disappear/re-appear (and point to advertising), and a great deal of unnecessary (and potentially dangerous) operational load.

Domain tasting will be one of many issues up for discussion at ICANN’s 31st International Public Meeting, will take place between February 10 and 15. I’ll be heading to India in two weeks and I’ll provide coverage of the meetings here on the Tucows blog.

Tucows fourth quarter investment community conference call is Thursday, February 7, 2008 at 5:00 P.M. (ET)

TORONTO, Jan. 30 /CNW/ – Tucows Inc. (TSX: TC, AMEX: TCX) plans to report its fourth quarter fiscal 2007 financial results via news release on Thursday, February 7, 2008 at approximately 4:00 p.m. (ET). Company management will host a conference call the same day at 5:00 p.m. (ET) to discuss the results and the outlook for the company.
Continue reading

Tucows fourth quarter investment community conference call is Thursday, February 7, 2008 at 5:00 P.M. (ET)

TORONTO, Jan. 30 /CNW/ – Tucows Inc. (TSX: TC, AMEX: TCX) plans to report its fourth quarter fiscal 2007 financial results via news release on Thursday, February 7, 2008 at approximately 4:00 p.m. (ET). Company management will host a conference call the same day at 5:00 p.m. (ET) to discuss the results and the outlook for the company.
Continue reading

Calling Girl Geeks

Official Girl Geek Dinner logoTomorrow is the night for the Toronto Girl Geek Dinner. As of this writing, there were seven spots left. If you’re into networking with a bunch of women who are passionate about technology, head on over to the wiki and sign up. I’m looking forward to seeing some of my girl geek buddies for the first time this year and hearing about what they’re up to so far in 2008. The featured speaker tomorrow night is Malgosia Green, co-founder of Savvica, an online teaching and learning company. Malgosia will share her perspective on entrepreneurship and using web tools to further goals in education and training.

Tucows Email Service Winter Release

The team’s efforts to enhance and improve the Tucows Email Service continue to accelerate as more and more customers make the move from our older platforms onto the new service. As that happens, we’re learning a lot about how Tucows Email Service handles the load in the real world (really well, as expected) and we’re also taking in feedback and comments from users, through resellers like you (thanks!).

As a result, we’re continually tuning hardware and software for even better performance, and the technical delivery team continues to work to make things like the webmail interface better and easier to use.

Tomorrow we’re rolling out what we call the “Email Winter Release” ‚Äì a bunch of enhancements and upgrades that make the service even better. A full list of those changes was sent out to customers on Tucows Email Service last week. If you want a sneak peek at how things are progressing, the upgrade has already been rolled into our Test environment. We’ve also released updated Tucows Email Service documentation that includes the latest changes and all the details you’ll need. A detailed summary of the changes can also be viewed in the release notes.

The enhancements encompass everything from minor user interface improvements inside webmail, to the creation of a new user account level within the MAC. Here’s a brief list of what’s changing Tuesday broken down into three main categories:

Reseller Tools:

  • Domain Aliases at the Company level are now available
  • Company Administrators are now able to suspend accounts (and shortly will be able to do so through the APP)
  • Mail Administrator account level has been created.

Webmail Enhancements:

  • Users are now able to sort on the Read/Unread column.
  • POP mail accounts (if added by the user) are checked automatically during webmail check.
  • Contacts can now be dragged into and out of groups.
  • Users can choose between plain text and HTML email composition.
  • The add contact group button in the contact area of the sidebar has been replaced by a pair of more intuitive icons.

WAP/Mobile Email Client:

  • We now offer a WAP client for email access via mobile phone.

wap_inbox.jpgOne of the neatest additions that comes along with this release is the WAP version of webmail. A recent survey by Webcredible, a UK-based web usability and accessibility consultancy, showed that 33% of mobile phone users said email was their most requested feature.

Our WAP-enabled webmail works on over 5,000 different phones (including the iPhone, although it has an IMAP email app that works great with Tucows Email). It lets user see their inbox and messages, send and receive mail, and even view contacts. All the information on how to access the WAP browser including how to set a CNAME to enable a custom URL (like wap.yourdomain.com) is in the email documentation.

The WAP browser is a standard feature of Tucows Email Service ‚Äì just like IMAP, POP and our AJAX webmail application. It’s available today in the Test environment, and will be live for all users tomorrow.

A Rare Look Inside the Q9 Data Centre

Editor’s note: Heather is a Customer Communications Representative at Tucows. Her many responsibilities include handling customer and emergency communications, drafting incident reports and taking care of special technical communications. If you’re a Tucows customer, Heather plays an integral role in keeping you informed about the status of Tucows various services.

Last week, I was given the opportunity to visit Q9, one of Tucows‚Äô data centres. Every day I write about our products and service in status updates, maintenance windows and customer reports. Tucows infrastructure hardware — including our servers, routers, storage device and data centres — have become so familiar in my day-to-day tasks that I find myself thinking about them like actual live staff members.

q9_logo.gifSeeing the strength of the Tucows network, from the fibre drop to the servers, is a rare treat. Tours of Q9 are infrequent for security and logistical reasons. Access to the site is strictly controlled with only highly technical staff members granted security clearance to the data centre and our cages. Our Network Operations Centre (NOC) and Operations teams at Tucows headquarters conduct monitoring with a number of sophisticated remote systems. We also have staff who stay onsite at each of our data centres to coordinate with multiple sites and the team back at headquarters.

Q9′s data centre is built with the highest caliber of technical security: bullet resistant glass and biometric entrances with access cards are among the authentication and verification steps that must be complete before entering the areas of the cages. Q9 has strict protocols for site usage and visits. Surveillance includes cameras covering every angle and extensive onsite and offsite monitoring. There are mantraps that use biometrics to protect access to designated areas. The chamber has a biometric fingerprint unit that (whether imagined or not) felt like a current went through me when I touched it for validation scanning. Let’s face it: my inner geek loved the chance to see the hardware of the layer 3!

One of our many racks at Q9Our cage is large, with rows and racks of servers, massive storage devices, routers and cables. We use the best of the best equipment, including NetApp, for storage devices. Being a trained Library and Information Technician, I was extremely impressed with the labeling of every device with Dewy-Decimal-like meticulousness. Every machine has redundant power backups for testing and security. The hum and beeps of all the machines represent millions of domains, mailboxes, products and services.

Customers depend on security, reliability, accuracy and professionalism. Every day at work our teams ensure that every aspect, from security to equipment organization to functionality to maintenance, is seamlessly conducted. Q9 helps us out with multiple service points, generators and a contract of 100% service availability. When the blackout struck the Eastern Seaboard circuits in August 2003, Q9 remained online with their downtown NOC fully redundant and emergency plans enacted. Last year we moved to Q9 because of the reliable and consistent service it enables Tucows to pass onto its customers.

Tucows employees love the Internet. We are passionate about our work and almost daily there are internal challenges to see who has the best new tech toy or website reference. The abstract part about working in the Internet industry is that unless you are logged into the physical devices or visiting the data centre cages, you reside in the top layer and your own imagination. Now when I write about our devices I will have a much better visual of some of our infrastructure. Unlike a former coworker, I did not hug the machines! Instead, I just smiled and secretly waved.

Tucows Email Filtering

Back in December we told you that the replacement for our Email Defense service was in QA, and that we were planning to go live with the new service in January. True to our word, I’m happy to report that the newly minted offering we’re calling “Tucows Email Filtering” will be live the week of January 29th.

We have a lot to share with you in the coming weeks, and Email Filtering is just one part. I’ll follow up this post soon with a full explanation of how it works, including the thinking behind some of the changes that we’ve made. You’ll quickly understand why we’re calling this “new” once you see it in action.

Are Registries Aiding And Abetting Front Running?

As¬†James mentioned in yesterday’s post¬†here on the Tucows Blog,¬†Network Solutions Inc.¬†caused quite a furor¬†when they confirmed that they are “front running”¬†(registering domains based on domain searches done by potential registrants).

After a contributor to Domain State broke the story, it was covered on Techmeme, Digg, Slashdot, and a host of individual sites and blogs, etc. and so on. Heck, it even made USA Today.

To be clear, Network Solutions officially denied they were front running:

Although Network Solutions does temporarily register a site a customer searched for, spokeswoman Susan Wade denied there’s anything nefarious afoot. “Network Solutions is not front-running,” she said. Network Solutions holds the domain for up to four days, during which time a customer can register it only from Network Solutions and after which it again becomes generally available if unregistered, Wade said. But that feature, she said, is a “pre-emptive” measure to protect customers–from front-runners. That’s because front-runners can tell when a customer has searched for a domain at Network Solutions, for example because Network Solutions then must check availability at other sites when a customer searches, Wade said.

Respectfully, this is spin. As many of those up in arms about this have pointed out, Network Solutions is effectively saying “we’re pre-emptively front running to help prevent others from front running”. ¬†My guess is most people would say “thanks but no thanks”. I’m concerned however about an aspect of Susan Wade’s statement that others haven’t made much of, namely that registries are involved in Front Running.

“This search data is captured at the various registries. We believe there are registries and/or Internet service providers that may be selling this data to front-runners. So, by holding domains searched on Network Solutions, this pre-empts the search data being captured,” she said.

If Network Solutions has evidence of registries  - or any service provider for that matter Рactually being involved in front running, I urge them to share this information with the Internet community so that we can all make sure that these people are called out for the practice and our customers can be told to avoid them in the future.

Registrar Reputation and Trust

TrustIn light of some very recent events in the domain name market, we thought now would be a great time to again call attention to why taking your time, and doing your research when choosing your Registrar is so important. The advice applies both to Resellers and to Registrants as the impact of making the wrong choice can, and will, be felt by both.

The “recent events” I’m referring to is the practice Network Solutions was found to be engaging in whereby they would immediately purchase available .com domains that were searched for at their website. While this practice is commonly referred to as front running, Network Solutions has since responded, and have said they instituted this practice as a way to protect potential Registrants against front running by ensuring that the domains they searched for remained available for purchase. We’re willing to give Network Solutions the benefit of the doubt in this case.

Tucows applauds any attempts to protect Registrants from the less scrupulous members of the Internet community.

While Network Solutions registers names searched for at their website, and parks the domain with a holding page, it should be noted they do not attempt to monetize with PPC ads, or otherwise prevent the purchase of the domain in question. However, at this point, potential Registrants are effectively forced to purchase the domain from Network Solutions for a period of four days at which point the domain is dropped.

Read more about it here, and here, if you wish.

I spoke with Adam Eisner, our Product Manager for Domains and he reiterated the underlying values we hold at Tucows.

We work to uphold the rights of Registrants. That means, for example, not putting 60-day locks on domains when a Registrant makes a change to their WHOIS information effectively locking some into a renewal and blocking domain name transfers to other Registrars. That also means having a clear, defined policy surrounding expiry and redemption periods. You can read ours here.

Specifically on the subject of domain tasting, Adam stated that Tucows works to prevent domain name tasting by charging our Resellers a monetary fee on domain name registrations that are cancelled within the five-day Add Grace Period (AGP).

In addition, Tucows does not engage in front-running. Adam is clear on this point: Tucows doesn’t use WHOIS query data or search data from our API to front-run domain names. You can trust our WHOIS and domains lookup search boxes.

But following the rules is just part of what we’re doing to make the Internet better. Tucows has, and continues to work to shape Internet policy with the rights of resellers and domain name registrants in mind. We’ve long been active at ICANN and we’re continue to work to shape domain name policy with the expressed goal of making the Internet better for its users. Next month we’re off to New Delhi, India, for the 31st International Public ICANN meeting.

Ross Rader, our resident policy guy (officially the General Manager of Retail Services) has worked tirelessly in the areas of WHOIS Privacy reform, to name but one example. Elliot Noss, our President and CEO, was one of the people at the forefront of the fight against Registry price increases last year.

Last May, Elliot wrote an extensive article for this blog titled “Questions to Ask Before You Pick Your Domain Name Registrar.” We reference that post regularly as it provides a wealth of information that Registrants can use to educate themselves about how to evaluate potential Registrars before they make a domain name purchase.

Thanks to Flickr user Joe Nangle for the photo and for releasing it under Creative Commons.

Does Your Domain Name Have a Dirty Secret?

When it comes to choosing a domain name for your business, it helps to have a ‘dirty’ mind. Otherwise you might end up being stuck with a domain name that will get you into trouble with word-based content filters.

That’s right, if your domain name inadvertently contains a ‘naughty’ keyword or phrase, your entire Website may be blocked by content blocking filters still commonly used by large corporations, libraries, schools, and overprotective parents. Your site might also be hindered from showing up in some search engines, and some of the email messages you send from your domain could end up being blocked by spam filters.

Here are some fictitious examples of what at first appear to be innocent domain names:

  • HireThisExCopper [dot-something]
  • EssexWorld [dot-something]

Look closer, however, and you will notice that the first domain contains the word “sex” and the second contains the phrase “sex world.” Both of these domains could end up running into trouble with filters, especially the second one.

And can you spot what’s problematic with these domain names?

  • ScanAlley [dot-something]
  • CanalTours [dot-something]

Both contain the word “anal” which also poses a risk of running afoul of filters.

You get the idea…

So before deciding on your next domain name, be sure to scrutinize it carefully. Look for any and all ‘troublesome’ words and phrases. The last thing you want is to have your seemingly innocuous domain name misinterpreted by word-based content filters.

Resolve to keep your domain names resolving

canadian-marketing-blog.gifAs a follow-up to yesterday’s post about how to protect your domain names from theft, I’ll point you to a blog post by Bill Sweetman, our General Manager, Domains Portfolio, over at the Canadian Marketing Association’s blog. In that post Bill suggests a domain name related New Year’s Resolution.

I’ll add to Bill’s comments and suggest that while you’re running a WHOIS query on your domains, you should see if you have WHOIS Privacy enabled. If not, enable it and then set those renewal reminders as Bill suggests.

How to Protect Yourself from Domain Hijacking

Over Christmas there was a well-publicized case of domain-hijacking that gained some worldwide media attention when David Airey had his domain, www.davidairey.com, stolen. The story was a familiar one ‚Äì a domain thief gained access to a domain holder’s email account (in this case, a Google GMail account) and then used that account to gain control of the domain name and transfer it to himself.

This story had a happy ending and the domain was returned to its rightful owner thanks to, in this case, Go Daddy, which was the receiving Registrar in the fraudulent transfer.

At Tucows we’re actively engaged in the battle against online fraud including domain name theft, phishing, and spam. When domain name thefts are reported to us, our Compliance Team acts accordingly to assist with retrieval of domains where possible.

I talked to Paul Karkas our Compliance Manager. There are a couple of tips to avoiding domain name theft he suggested all domain owners and resellers learn:

1. Use WHOIS Privacy. It can protect you to a certain extent from this kind of theft. If the administrative email address that is listed with the domain name under WHOIS is exposed, then a potential domain thief has two pieces of information he needs – the domain name, and the email address used to manage it. The thief can then gain control of the email address, and then use that email address to gain control of the domain by having passwords emailed to himself. WHOIS Privacy offers some protection because it prevents the domain thief from finding out what the administrative email address is for the domain name.

2. If you can avoid it, don’t use free, web-based email addresses for your administrative contact. In this case, a security flaw in GMail allowed the hacker to gain control of the email account of the domain holder. Likewise, having your entire domain portfolio under a single administrative email account is another mistake. Never mind having one domain name stolen, if a thief gains control of your email account, he could steal your entire portfolio of names.

3. Your domain name is worth more to you than you might think. It may only cost you $10 a year to register the domain, but take a moment to imagine what the cost would be if you had to change domain names tomorrow. It could be as easy as reprinting business cards, or as difficult as re-branding your entire company.

4. Chose your Registrar wisely. Look for a Registrar with a solid Compliance team and a good record within the industry. They’ll have policy and procedures in place to protect you against domain name theft, and in the event your domain is taken from you fraudulently, you stand a better chance of getting it back with a solid registrar. Our CEO, Elliot Noss, has talked about this in the past. You can read his “Ten questions to ask before you pick your domain name Registrar” post for more information on how to make an informed choice.

If you do one thing today, make it this: activate WHOIS privacy on your domains. At Tucows, we recognize the value of WHOIS Privacy, and we include it free with every domain name sold.

To Top