Following up on my domain names post

There’s a real world follow-up to my previous entry – Domain names – some basics I’ve learned through … experience. I said:

> I buy the privacy protection. That way, whois will
> tell people I’m are the domain owner but will point
> to Network Solutions as the contact. I have heard
> of instances where domains were “stolen” simply
> by providing the whois information to registrars
> who didn’t care enough to double check with the
> real owner.

Larry Seltzer of eWeek reported in his column that his own domain had been highjacked:
“My identity thief made two uses of this domain to my knowledge. He posted some e-mails to mailing lists, including this one on Full Disclosure (http://seclists.org/fulldisclosure/2007/May/0334.html). He also contacted eWEEK and tried to get control of the log-on credentials for my blog and to have my Ziff Davis e-mail forwarded to larry@larryseltzer.net. eWEEK didn’t fall for it. As far as I can tell, the impersonation efforts ended around then.“

So, there’s first person evidence that it happened to a big name industry writer – meaning it could happen to anyone. So I emphasize again, get the privacy protection. It’s cheap insurance against Larry’s documented nightmare of bureaucratic nonsense trying to wrestle his domain back.

Here’s Larry’s column:
http://www.eweek.com/c/a/Security/Whois-Abuse-Still-Out-of-Control/?kc=EWKNLSTE01222009STR1

Domain names – some basics I’ve learned through … experience

When I set out to purchase a new domain name for a client, I recommend always buying the dotcom (.com). My criteria:

1. All people have to do is type the domain name (e.g. heavenr) and press “CTRL” and “Enter” at the same time. The browsers — all of them that I know about — automatically autofill the www. and .com (e.g. “heavenr” becomes www.heavenr.com)
2. There’s never a chance for cybersquatting — I’ve already got the one commodity they thrive on
3. The alternative top-level domains (TLD) — i.e. .net, .org, .biz, .info, .us, .cc (or .tt, or .any other country) — are not the first things people think about when they try to find me
4. Porn sites almost always use .com because they know they’ll get my traffic first when people forget to use the appropriate alternative TLDs (again, .net, .org, .biz, .info, .us, .cc, etc.)

I don’t worry about people making typographical errors — as long as I have the .com TLD, they’ll see their mistake right away.

If the company name URL is already taken, I think about the other keywords. It’s likely that at least one of them will be available. If my credibility is good and the site gives visitors what they need, they’ll remember the domain even if it’s not the “trademarked” identity. Even alternative spellings will work if my credibility is good and the site gives visitors what they need.

I always buy from Network Solutions. Their telephone support is fabulous. If I have a problem, they’ll solve it for me. I’ve struggled with other registrars who … just don’t care.

If I really want to protect my domain investment, I buy the .net and .org as well. Then I point them all to the same web server. Although they also sell web hosting, Network Solutions will gladly point the domains to the DNS servers (e.g. ns1.ispname.com, etc.) that my ISP gives me.

I buy the privacy protection. That way, whois will tell people I’m are the domain owner but will point to Network Solutions as the contact. I have heard of instances where domains were “stolen” simply by providing the whois information to registrars who didn’t care enough to double check with the real owner. Plus, I won’t be spammed when the spiders glean my whois page.

I learned the hard way about registering .com domains and when I lost it, had to loop back. Fortunately, when the domain expired the next year, the owner didn’t renew it and I got another chance at it. Again, Network Solutions support was great — they walked me through the whole reservation process and the re-registration.

Communicating is in the details

My friend Catlyn sent me an email message from her Blackberry. I didn’t recognize her email address and almost deleted it. The message was unsigned except for the signature line ”Sent from my Blackberry.”

I replied that I didn’t know who the message was from. But I guessed it might be Catlyn from what she said, and suggested that she should add her name to the signature. Seems simple enough. It’s a standard feature in every computer-based email client that I know.

She emailed right back that Blackberry didn’t have a setup/configuration that let her (1) add her name, or (2) remove the “sent from” comment. I don’t have a Blackberry, so I can’t verify that. But I will say that any device that doesn’t allow such a thing is flawed. More importantly, it causes a communications breakdown.

My new iPhone does allow customizing the signature, and it’s not hard to find. I changed to my standard email signature — name, cell/fax, email address. When people get email from me, they know who I am and how to communicate back.

Communicating means providing details that get the message across. To leave me guessing about the sender’s identity is not communicating — and I’m not criticizing Catlyn here. If RIM didn’t offer that level of customization on the Blackberry, that’s bad. If they did and she can’t find it, that’s worse because either the documentation didn’t communicate or the menus didn’t.

Now, in Catlyn’s case, since her Blackberry won’t do it for her, she’ll end up typing her name at the end of each message. That’s one detail she shouldn’t overlook. Someone else might not be able to guess who she is … if they don’t recognize xxx @ yyy . net, they might conceivable just delete the message. And if so, there’s been no communication.