[GH-ISSUE #477] enable abuse management for zone dns operators #349

New issue

Open

opened 2026-02-26 10:31:00 +03:00 by kerem · 0 comments

kerem commented

2026-02-26 10:31:00 +03:00

Owner

Originally created by @ThomasWaldmann on GitHub (Apr 8, 2021).
Original GitHub issue: https://github.com/nsupdate-info/nsupdate.info/issues/477

#476 showed that nsupdate.info service is lacking some functionality for zone operators who are not running their own nsupdate.info software instance (but just run DNS service for some zone offered via nsupdate.info website) and thus do not have admin access to configuration files and django admin:

some users abuse the service by using dyndns for their criminal activities
domain owners get complaints (usually forwarded from their domain registrar, sometimes also directly), from police, fbi, interpol, etc.
of course registrars are not willing to handle too many of such complaints

When offering hosts / domains, one can not do much to prevent such abuse, but we need to be able to react quickly if we get informed about such abuse.

My usual procedure when an abusive (in the sense of "being used for criminal activities") host is found:

check what user account created the host (manually via django admin)
kill the user account in the database (which will also kills all hosts of that user, which might be also used for criminal activities anyway) (manually via django admin)
blacklist the host names so they can't be recreated (manually via config file)

TODOl:

move the host blacklist from config to the DB (check what we already have)
have some view for domain owners where they can fill in a "bad host list"
do same procedure as above, just automated
report back about all host names that were deleted / blacklisted

Originally created by @ThomasWaldmann on GitHub (Apr 8, 2021). Original GitHub issue: https://github.com/nsupdate-info/nsupdate.info/issues/477 #476 showed that nsupdate.info service is lacking some functionality for zone operators who are **not** running their own nsupdate.info software instance (but just run DNS service for some zone offered via nsupdate.info website) and thus do not have admin access to configuration files and django admin: - some users abuse the service by using dyndns for their criminal activities - domain owners get complaints (usually forwarded from their domain registrar, sometimes also directly), from police, fbi, interpol, etc. - of course registrars are not willing to handle too many of such complaints When offering hosts / domains, one can not do much to prevent such abuse, but we need to be able to react quickly if we get informed about such abuse. My usual procedure when an abusive (in the sense of "being used for criminal activities") host is found: - check what user account created the host (manually via django admin) - kill the user account in the database (which will also kills **all** hosts of that user, which might be also used for criminal activities anyway) (manually via django admin) - blacklist the host names so they can't be recreated (manually via config file) TODOl: - move the host blacklist from config to the DB (check what we already have) - have some view for domain owners where they can fill in a "bad host list" - do same procedure as above, just automated - report back about all host names that were deleted / blacklisted