- Impact
- 12,732
There is a significant contingent of domainers who use variations on the theme of "catch-all" email inboxes to find sales leads. I believe there may be one or two businesses premised on providing free or low-cost email services for that specific purpose, which have been discussed here in the past.
There are a couple of risks to doing that. What I have generally advised is that it is hard to hold a domain registrant liable for what they don't know and don't have. If, unknown to the registrant, there is some other similar domain name which is being used by another party for communications, then the registrant will not be accumulating mis-directed email containing potentially sensitive information if the name is not configured to receive email. If, on the other hand, the registrant receives mis-directed sensitive communications containing, say, financial information, health data, or trade secrets, then there are legitimate concerns about why the registrant is accumulating those communications and what the registrant is doing with the information.
In the worst case scenario, the collection of mis-directed email is intentional, as in:
https://www.adrforum.com/DomainDecisions/125751.htm
"As to Respondent’s purpose in doing so, shortly after having registered the <wfubmc.com> domain, actual confusion occurred and Respondent complied with Complainant’s request to forward misdirected email to Complainant. When Respondent was asked in May 2002 what his proposal would be for Complainant to acquire the <wfubmc/com/net/org> domains, he said he could provide forwarding services for $20/year/user, or for a flat fee of $5,000 annually per domain. He then stated: “In light of the opportunity costs, lost productivity, security risks and privacy risks that are continuously being incurred by the Institution with the status quo, I believe this to be a bargain. Of course an offer for complete acquisition would be considered”."
Where a domain is parked or otherwise lightly used for HTTP queries, the existence of an MX DNS record (as opposed to simply having no MX record) might indicate simply that the registrant uses the domain name primarily for email and does not particularly care about a web presence as, for example, is the case for johnberryhill.com. There are numerous UDRP cases in which a respondent's use of a domain name primarily for email has been found legitimate. e.g. <https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2020-1577>
But where the domain name is similar to a distinctive mark, and there is no substantial use of the domain name for a website, then the existence of an MX record may suggest that the respondent may be collecting mis-directed email addresses or even sending confusing email addresses:
https://www.adrforum.com/domaindecisions/1888544.htm
"First, Complainant contends that the <o‑iglass.com> domain name has been registered and used in bad faith because the original Respondent was probably preparing to use the disputed domain name in furtherance of an email phishing scheme and for other improper purposes. [...] Complainant argues that an “@o‑iglass.com” email address associated with the disputed domain name is potentially being used to impersonate Complainant and to send phishing e-mails to Internet users, presumably designed to solicit information under false pretenses."
That same point appears to have been made sua sponte in:
https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2020-2754
"Furthermore, the MX records associated with the disputed domain name are openly available for view by the public and by the Panel. The Panel considers configuration of an email server on the disputed domain name as additional evidence corroborating Complainant’s assertions. More specifically, the disputed domain name contains in its entirety Complainant’s DEWBERRY trademark, and the record is devoid of any evidence to suggest that Respondent has any legitimate interest in sending emails from the disputed domain name. Respondent’s proactive configuration of an email server supports Complainant’s assertion that the disputed domain name creates a risk that Respondent would be engaged in a phishing scheme by using an email address impliedly associated with Complainant."
It is also true that some entities in the parking business cooperate with anti-spam organizations to provide anti-spammers with a feed of inbound email to parked domains, to assist in training automated spam identification and blocking systems.
However, the tendency of paranoid reasoning to track "I don't know what is going on, so it is probably something bad", and its application in UDRP jurisprudence as "here's a new hammer to beat anything that looks like a nail" mitigates against setting up passive email service for domains which are not going to be used for email purposes. I believe the open-ended "why is there an MX record for this domain" observation is an up and comer tool for finding bad faith use.
There are a couple of risks to doing that. What I have generally advised is that it is hard to hold a domain registrant liable for what they don't know and don't have. If, unknown to the registrant, there is some other similar domain name which is being used by another party for communications, then the registrant will not be accumulating mis-directed email containing potentially sensitive information if the name is not configured to receive email. If, on the other hand, the registrant receives mis-directed sensitive communications containing, say, financial information, health data, or trade secrets, then there are legitimate concerns about why the registrant is accumulating those communications and what the registrant is doing with the information.
In the worst case scenario, the collection of mis-directed email is intentional, as in:
https://www.adrforum.com/DomainDecisions/125751.htm
"As to Respondent’s purpose in doing so, shortly after having registered the <wfubmc.com> domain, actual confusion occurred and Respondent complied with Complainant’s request to forward misdirected email to Complainant. When Respondent was asked in May 2002 what his proposal would be for Complainant to acquire the <wfubmc/com/net/org> domains, he said he could provide forwarding services for $20/year/user, or for a flat fee of $5,000 annually per domain. He then stated: “In light of the opportunity costs, lost productivity, security risks and privacy risks that are continuously being incurred by the Institution with the status quo, I believe this to be a bargain. Of course an offer for complete acquisition would be considered”."
Where a domain is parked or otherwise lightly used for HTTP queries, the existence of an MX DNS record (as opposed to simply having no MX record) might indicate simply that the registrant uses the domain name primarily for email and does not particularly care about a web presence as, for example, is the case for johnberryhill.com. There are numerous UDRP cases in which a respondent's use of a domain name primarily for email has been found legitimate. e.g. <https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2020-1577>
But where the domain name is similar to a distinctive mark, and there is no substantial use of the domain name for a website, then the existence of an MX record may suggest that the respondent may be collecting mis-directed email addresses or even sending confusing email addresses:
https://www.adrforum.com/domaindecisions/1888544.htm
"First, Complainant contends that the <o‑iglass.com> domain name has been registered and used in bad faith because the original Respondent was probably preparing to use the disputed domain name in furtherance of an email phishing scheme and for other improper purposes. [...] Complainant argues that an “@o‑iglass.com” email address associated with the disputed domain name is potentially being used to impersonate Complainant and to send phishing e-mails to Internet users, presumably designed to solicit information under false pretenses."
That same point appears to have been made sua sponte in:
https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2020-2754
"Furthermore, the MX records associated with the disputed domain name are openly available for view by the public and by the Panel. The Panel considers configuration of an email server on the disputed domain name as additional evidence corroborating Complainant’s assertions. More specifically, the disputed domain name contains in its entirety Complainant’s DEWBERRY trademark, and the record is devoid of any evidence to suggest that Respondent has any legitimate interest in sending emails from the disputed domain name. Respondent’s proactive configuration of an email server supports Complainant’s assertion that the disputed domain name creates a risk that Respondent would be engaged in a phishing scheme by using an email address impliedly associated with Complainant."
It is also true that some entities in the parking business cooperate with anti-spam organizations to provide anti-spammers with a feed of inbound email to parked domains, to assist in training automated spam identification and blocking systems.
However, the tendency of paranoid reasoning to track "I don't know what is going on, so it is probably something bad", and its application in UDRP jurisprudence as "here's a new hammer to beat anything that looks like a nail" mitigates against setting up passive email service for domains which are not going to be used for email purposes. I believe the open-ended "why is there an MX record for this domain" observation is an up and comer tool for finding bad faith use.
Last edited: