Internet and e-mail policy and practice
including Notes on Internet E-mail


Click the comments link on any story to see comments or add your own.

Subscribe to this blog

RSS feed

Home :: ICANN

09 Aug 2006

Has Your Browser Been to Cameroon Lately? ICANN

A recent message on Circle ID notes that Cameroon in west Africa has added a wild card to its .CM country domain. This means that anyone who tries to type into his browser and types instead will in most cases end up at the web site the wild card points to, similar to what Verisign did with their infamous Sitefinder a few years ago. (I say most, because if you type the name of an actual .cm domain, you'll end up at that domain. More about that later.)

This wildcard differs from Sitefinder in several ways, most notably in that unhappy victims of typo-squatting have considerably less recourse. The .CM registry is run by Camnet, part of Camtel, which is the government controlled national telephone company. IANA has a firm rule of long standing that in practice makes each country's government the arbiter of who runs the country's ccTLD. (It dates from a controversial delegation of the Hatian TLD in 1997.) So no matter how unhappy people are with *.CM, it is utterly implausible that the government would agree to redelegate the domain away from itself.

I assume here that whoever is in charge of the .cm registry knows what's going on. They have registration rules posted on their web site, rather conventional ones that say that all registered domains must be 2 to 24 characters consisting of letters, digits, and hyphens. Since one character names and asterisks aren't on the list, at the very least someone persuaded them to bend the rules, if not pay an outright bribe, so some polite political pressure might work.

Another possibility someone mentioned was a WIPO action. It would certainly be amusing to see someone file a WIPO complaint against the government of a WIPO member state, but it's kind of hard to see it going anywhere.

A more productive approach would be to go after the beneficiaries of the typos. The wildcard record points to a server at Peer1 in Vancouver BC, an ISP with a long history of hosting dodgy customers from around the world. This particular customer is NameView, who is either part of Peer1 or pretty good friends since they're just down the street from Peer1 HQ. They say they manage large domain portfolios, but they're not accepting new customers, and they have a history of typosquatting. All the links on the landing page click through to Yahoo's Overture pay-per-click subsidary, another easy to find target.

I wondered whether there might be more typosquatting going on in Cameroon, so I took a look at the ccTLD zone file. It's not very big, only 188 domains. Most of them are plausible local domains pointing at local servers. A moderate number point at European companies like Air France and Standard Chartered Bank that do business in Cameroon. Several including,, and are defensive, registered by the owners of the corresponding .com and either inactive or pointing at their .com domains.

But then there are a bunch of straight typo-squats:,,,,,,,,, and They all point to the same server at Rackspace in Texas, which serves up pages full of links related to the corresponding .com. All but one have links that go to and also redirect through Overture, usually with one of those links leading to the corresponding .com page. (Someone forgot to set up I would think that many the .com sites would have a slam dunk case against these sites since,,, and all have registered US trademarks and the squatter is in Texas.

The lesson here is that something is fundamentally screwed up in the domain world when one server manager in Cameroon can enable this much confusion. But I still can't figure out what the right solution is.

  posted at: 23:02 :: permanent link to this entry :: 3 comments
Stable link is


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

It turns out you don’t need a license to hunt for spam.
111 days ago

A keen grasp of the obvious
Italian Apple Cake
669 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse

My Mastodon feed

© 2005-2024 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.