Whois is a method for checking information about ownership of a domain. ICANN require domain owner to provide accurate name, organization, address, phone, fax, and email identity for every domain registration, and these information must be publicly available on Whois. Today, many free web based Whois lookup services available on internet make Whois information is vulnerable to spammers, marketers, identity thieves.

ID Protect masking Whois information without breach ICANN rules.

ID Protect is available as domain add-on on domain registration. With only Rp 79.000 / year, your Whois information is safe from spammers.

Client pay domain registration fee, therefore they deserve the domain ownership, sadly there is many hosting enter whois information with hosting identity, probably afraid to lose the domain. With such condition client will have difficulty if they want to transfer domain to other hosting if the hosting don’t want to give the EPP code and unlock the domain. ekomersial.com honor client’s domain ownership and always enter whois information with client’s identity.

At first, id domain can only be used as a second level domain (SLD). Currently there are eleven SLD id that can be used for their designated purpose of each: co.id, web.id, or.id, sch.id, ac.id, net.id, biz.id, my.id, desa. id, go.id, and mil.id. Starting August 17th the public can directly use the id without additional extensions in the future.

Prior to the release, has conducted three phases priority period: Sunrise Period for trademark holders, Grandfather Period for id SLD owner, and the Landrush period for the public.

Sunrise Period conducted on February 20 to April 17, 2014, while the period Grandfather made on April 21 to June 13, 2014. Landrush Period as a priority period last performed on June 16-August 15, 2014.

In the period 3065 priority domain name registration record. 815 domain names registered in the Sunrise Period, 911 domain names registered on Grandfather period, and 1,339 domain names registered in the Landrush period.

Starting today, anything.id domains can be registered to all registrars. .id have already entered the stage of general availability, and may be registered with the registrar first principles or first come first serve.

Anything.id domain usage charges is set at Rp 590.000 per year. Anything.id domain expected to increase the use of the domain name id in Indonesia.

Terms and conditions:

• Consists of personal domain and the domain institution / agency / organization / entity.
• Personal domain names, just the name / part name / acronym names contained in the identity document (ID Card / Driving License / Passport)
• The domain name agencies / institutions / organizations, can be anything based on First Come First Served principle and qualified identity documents and legal documents.
• The domain name is more than or equal to 5 characters.
• The domain name less than 5 characters must directly contact registry.

Both POP3 (Post Office Protocol) and IMAP (Internet Message access protocol) allow people to get access to their email from a remote server; however, that is where most similarities end. POP3 simply downloads email to your computer, and usually (but not always) deletes the email from the remote server. The problems arise if you have more than one device where you read your mail (desktop, laptop, tablet or phone). Here’s why it’s bad: You have to delete or file the same email on every device.

Logging into each device, you will see lots of unread emails with no indication of which you deleted, read, flagged or filed Any folders you created and organize on one device won’t be replicated on the other devices.

IMAP allows users to store their email on remote servers. This two-way protocol also allows the user to synchronize their email among multiple devices, which is extremely important today, when most people have at least two devices – their laptop and smartphone.

The Practical Use of POP3

People who access their email account from computer, and back-up their hard drive regularly, can get by with using POP. Although it is possible to arrange to have email stored on the remote servers of most ISPs and other email service providers, downloading email is a slow process if the user has a large number of messages stored on the remote server.

Here’s why POP3 is bad:

• You have to delete or file the same email on every device
• Logging into each device, you will see lots of unread emails with no indication of which you deleted, read, flagged or filed
• Any folders you created and organize on one device won’t be replicated on the other devices

The Practical Use of IMAP

For people using multiple computers and devices, such as mobile phones and tablets, the ability to synchronize email actions among devices is essential. When a person uses IMAP, and he or she reads, deletes or moves email into folders, the action occurs across all devices simultaneously. Since it is possible to download only the email headers with IMAP, it’s much quicker. Additionally, any offline changes that are made to email are transmitted to the remote server once an Internet connection is re-established. Essentially, IMAP allows the user to archive their email on their computer or device while having a backup stored on the remote server. Additionally, business users, especially those in professions that demand confidentiality, prefer to use IMAP since it allows for the added security email encryption affords.

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. Many websites have now created secondary tools for applications, like maps for games, but they should be clearly marked as to who wrote them, and you should not use the same passwords anywhere on the internet.

Anti-phishing

As recently as 2007, the adoption of anti-phishing strategies by businesses needing to protect personal and financial information was low. Now there are several different techniques to combat phishing, including legislation and technology created specifically to protect against phishing. These techniques include steps that can be taken by individuals, as well as by organizations. Phone, web site, and email phishing can now be reported to authorities, as described below.

– Social Responses

People can take steps to avoid phishing attempts by slightly modifying their browsing habits. When contacted about an account needing to be “verified” (or any other topic used by phishers), it is a sensible precaution to contact the company from which the email apparently originates to check that the email is legitimate. Alternatively, the address that the individual knows is the company’s genuine website can be typed into the address bar of the browser, rather than trusting any hyperlinks in the suspected phishing message.

Nearly all legitimate e-mail messages from companies to their customers contain an item of information that is not readily available to phishers. Some companies, for example PayPal, always address their customers by their username in emails, so if an email addresses the recipient in a generic fashion (“Dear PayPal customer”) it is likely to be an attempt at phishing. Emails from banks and credit card companies often include partial account numbers.

– Identify Legitimate Websites

Some newer browsers, such as Internet Explorer 8, display the entire URL in grey, with just the domain name itself in black, as a means of assisting users in identifying fraudulent URLs.

With the advent of EV certificates, browsers now typically display the organisation’s name in green, which is much more visible and is hopefully more consistent with the user’s expectations. Browser vendors have chosen to limit this prominent display only to EV certificates, leaving the user to fend for himself with all other certificates.

– Secure Connection

The standard display for secure browsing from the mid-1990s to mid-2000s was the padlock. In 2005, Mozilla fielded a yellow address bar as a better indication of the secure connection. This innovation was later reversed due to the EV certificates, which replaced certain certificates providing a high level of organization identity verification with a green display, and other certificates with an extended blue favicon box to the left of the URL bar (in addition to the switch from “http” to “https” in the url itself).

With the advent of EV certificates, browsers now typically display the organisation’s name in green, which is much more visible and is hopefully more consistent with the user’s expectations. Browser vendors have chosen to limit this prominent display only to EV certificates, leaving the user to fend for himself with all other certificates.

– Fraudulent Websites Browser Alert

Another popular approach to fighting phishing is to maintain a list of known phishing sites and to check websites against the list. Microsoft’s IE7 browser, Mozilla Firefox 2.0, Safari 3.2, and Opera all contain this type of anti-phishing measure. Firefox 2 used Google anti-phishing software. Opera 9.1 uses live blacklists from Phishtank and GeoTrust, as well as live whitelists from GeoTrust. Some implementations of this approach send the visited URLs to a central service to be checked, which has raised concerns about privacy. According to a report by Mozilla in late 2006, Firefox 2 was found to be more effective than Internet Explorer 7 at detecting fraudulent sites in a study by an independent software testing company.

An approach introduced in mid-2006 involves switching to a special DNS service that filters out known phishing domains: this will work with any browser, and is similar in principle to using a hosts file to block web adverts.

– Augmenting Password Logins

The Bank of America’s website is one of several that ask users to select a personal image, and display this user-selected image with any forms that request a password. Users of the bank’s online services are instructed to enter a password only when they see the image they selected. However, a recent study suggests few users refrain from entering their password when images are absent. In addition, this feature (like other forms of two-factor authentication) is susceptible to other attacks, such as those suffered by Scandinavian bank Nordea in late 2005, and Citibank in 2006.

A similar system, in which an automatically generated “Identity Cue” consisting of a colored word within a colored box is displayed to each website user, is in use at other financial institutions.

– Eliminating Phishing Mail

Specialized spam filters can reduce the number of phishing emails that reach their addressees’ inboxes. These approaches rely on machine learning and natural language processing approaches to classify phishing emails. Email address authentication is another new approach.

– Transaction verification and signing

Solutions have also emerged using the mobile phone (smartphone) as a second channel for verification and authorization of banking transactions.

Affiliate marketing is a type of performance-based marketing in which a business rewards one or more affiliates for each visitor or customer brought by the affiliate’s own marketing efforts. The industry has four core players: the merchant (also known as ‘retailer’ or ‘brand’), the network (that contains offers for the affiliate to choose from and also takes care of the payments), the publisher (also known as ‘the affiliate’), and the customer. The market has grown in complexity, resulting in the emergence of a secondary tier of players, including affiliate management agencies, super-affiliates and specialized third party vendors.

Affiliate marketing overlaps with other Internet marketing methods to some degree, because affiliates often use regular advertising methods. Those methods include organic search engine optimization (SEO), paid search engine marketing (PPC – Pay Per Click), e-mail marketing, content marketing and in some sense display advertising. On the other hand, affiliates sometimes use less orthodox techniques, such as publishing reviews of products or services offered by a partner.

Affiliate marketing is commonly confused with referral marketing, as both forms of marketing use third parties to drive sales to the retailer. However, both are distinct forms of marketing and the main difference between them is that affiliate marketing relies purely on financial motivations to drive sales while referral marketing relies on trust and personal relationships to drive sales.

Affiliate marketing is frequently overlooked by advertisers. While search engines, e-mail, and website syndication capture much of the attention of online retailers, affiliate marketing carries a much lower profile. Still, affiliates continue to play a significant role in e-retailers’ marketing strategies.

To prevent email spam (a.k.a. unsolicited bulk email), both end users and administrators of email systems use various anti-spam techniques. Some of these techniques may be embedded in products, services and software to ease the burden on users and administrators. No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email vs. not rejecting all spam, and the associated costs in time and effort.

Detecting spam

– Checking words

People tend to be much less bothered by spam slipping through filters into their mail box (false negatives), than having desired email (“ham”) blocked (false positives). Trying to balance false negatives (missed spams) vs false positives (rejecting good email) is critical for a successful anti-spam system. Some systems let individual users have some control over this balance by setting “spam score” limits, etc. Most techniques have both kinds of serious errors, to varying degrees. So, for example, anti-spam systems may use techniques that have a high false negative rate (miss a lot of spam), in order to reduce the number of false positives (rejecting good email).

The content also doesn’t determine whether the email was either unsolicited or bulk, the two key features of spam. So, if a friend sends you a joke that mentions “viagra”, content filters can easily mark it as being spam even though it is neither unsolicited nor sent in bulk. Non-content base statistical means can help lower false positives because it looks at statistical means vs. blocking based on content/keywords. Therefore, you will be able to receive a joke that mentions “viagra” from a friend.

– Spamtrap

Spamtraps are often email addresses that were never valid or have been invalid for a long time that are used to collect spam. An effective spamtrap is not announced and is only found by dictionary attacks or by pulling addresses off hidden webpages. For a spamtrap to remain effective the address must never be given to anyone. Some black lists, such as spamcop, use spamtraps to catch spammers and blacklist them.

End user techniques

– Address munging

Posting anonymously, or with a fake name and address, is one way to avoid email address harvesting, but users should ensure that the fake address is not valid. Users who want to receive legitimate email regarding their posts or Web sites can alter their addresses so humans can figure out but spammers cannot. For instance, joe@example.com might post as joeNOS@PAM.invalid.example.com. Address munging, however, can cause legitimate replies to be lost. If it’s not the user’s valid address, it has to be truly invalid, otherwise someone or some server will still get the spam for it. Other ways use transparent address munging to avoid this by allowing users to see the actual address but obfuscate it from automated email harvesters with methods such as displaying all or part of the email address on a web page as an image, a text logo shrunken to normal size using in-line CSS, or as jumbled text with the order of characters restored using CSS.

– Avoid responding to spam

Spammers often regard responses to their messages—even responses like “Don’t spam me”—as confirmation that an email address is valid. Likewise, many spam messages contain Web links or addresses which the user is directed to follow to be removed from the spammer’s mailing list. In several cases, spam-fighters have tested these links, confirming they do not lead to the recipient address’s removal—if anything, they lead to more spam. This removal request of filing a complaint may get the address list washed. To lower complaints so the spammer can stay active before having to acquire new accounts and/or internet provider.

– Contact forms

Contact forms allow users to send email by filling out forms in a web browser. The web server takes the form data, forwarding it to an email address. Users never see the email address. Such forms, however, are sometimes inconvenient to users, as they are not able to use their preferred email client, risk entering a faulty reply address, and are typically not notified about delivery problems. Further, contact forms have the drawback that they require a website that supports server side scripts. Finally, if the software used to run the contact forms is badly designed, it can become a spam tool in its own right. Additionally, some spammers have begun to send spam using the contact form.

– Disable HTML in email

Many modern mail programs incorporate Web browser functionality, such as the display of HTML, URLs, and images. This can easily expose the user to offensive images in spam. In addition, spam written in HTML can contain web bugs which allows spammers to see that the email address is valid and that the message has not been caught in spam filters. JavaScript programs can be used to direct the user’s Web browser to an advertised page, or to make the spam message difficult to close or delete. Spam messages have contained attacks upon security vulnerabilities in the HTML renderer, using these holes to install spyware. (Some computer viruses are borne by the same mechanisms.)

Mail clients which do not automatically download and display HTML, images or attachments, have fewer risks, as do clients who have been configured to not display these by default.

– Disposable email addresses

An email user may sometimes need to give an address to a site without complete assurance that the site owner will not use it for sending spam. One way to mitigate the risk is to provide a disposable email address—a temporary address which the user can disable or abandon which forwards email to a real account. A number of services provide disposable address forwarding. Addresses can be manually disabled, can expire after a given time interval, or can expire after a certain number of messages have been forwarded. Disposable email addresses can be used by users to track whether a site owner has disclosed an address. This capability has resulted in legal jeopardy for sites that disclose confidential addresses without permission.

– Ham passwords

Systems that use ham passwords ask unrecognised senders to include in their email a password that demonstrates that the email message is a “ham” (not spam) message. Typically the email address and ham password would be described on a web page, and the ham password would be included in the “subject” line of an email message. Ham passwords are often combined with filtering systems, to counter the risk that a filtering system will accidentally identify a ham message as a spam message.[3]

The “plus addressing” technique appends a password to the “username” part of the email address.

Automated techniques for email administrators

– Domain Keys Identified Mail (DKIM)

DomainKeys Identified Mail (DKIM) is an email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is authorized by that domain’s administrators. A digital signature included with the message can be validated by the recipient using the signer’s public key published in the DNS.

All of our hosting packages have its DKIM enabled by default.

– Sender Policy Framework (SPF)

Sender Policy Framework (SPF) is a simple email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is being sent from a host authorized by that domain’s administrators. The list of authorized sending hosts for a domain is published in the Domain Name System (DNS) records for that domain in the form of a specially formatted TXT record. Email spam and phishing often use forged sender addresses, so publishing and checking SPF records can be considered anti-spam techniques.

All of our hosting packages have its SPF enabled by default.

SpamAssassin

SpamAssassin is the #1 enterprise open source email spam filter.

– Hybrid filtering

SpamAssasssin uses some or all of the various tests for spam, and assigns a numerical score to each test. Each message is scanned for these patterns, and the applicable scores tallied up. If the total is above a fixed value, the message is rejected or flagged as spam. By ensuring that no single spam test by itself can flag a message as spam, the false positive rate can be greatly reduced.

– Outbound spam protection

Outbound spam protection involves scanning email traffic as it exits a network, identifying spam messages and then taking an action such as blocking the message or shutting off the source of the traffic. Outbound spam protection can be implemented on a network-wide level (using policy-based routing or similar techniques to route SMTP messages to a filtering service). Or, it can be implemented within a standard SMTP gateway. While the primary economic impact of spam is on spam recipients, sending networks also experience financial costs, such as wasted bandwidth, and the risk of having IP addresses blocked by receiving networks.

– Statistical content filtering

Statistical (or Bayesian) filtering once set up, requires no administrative maintenance per se: instead, users mark messages as spam or nonspam and the filtering software learns from these judgements. Thus, a statistical filter does not reflect the software author’s or administrator’s biases as to content, but rather the user’s biases. For example, a biochemist who is researching Viagra won’t have messages containing the word “Viagra” automatically flagged as spam, because “Viagra” will show up often in his or her legitimate messages. Still, spam emails containing the word “Viagra” do get filtered because the content of the rest of the spam messages differs significantly from the content of legitimate messages. A statistical filter can also respond quickly to changes in spam content, without administrative intervention, as long as users consistently designate false negative messages as spam when received in their email. Statistical filters can also look at message headers, thereby considering not just the content but also peculiarities of the transport mechanism of the email.

All of our hosting packages have its SpamAssassin enabled by default.

Domain name anything.id will be launch on August 17, 2014. With the launch of these domain names, domain .id that previously could only be used in the form of Second Level Domain (SLD) such co.id, biz.id, my.id, ac.id, and so forth, can now be directly used in the form of Top Level Domains (TLD) .id.

Before the launch of the TLD, registry open special opportunities for SLD . id holders to register domain names anything.id on priority period April 21st to June 13th 2014. Owners of domainname.co.id, for example, can register domainname.id.

Requirements:

• Applicants are Indonesian citizens who have an official identity card (KTP / SIM / Passport).
• SLD domain users that can register the TLD .id is, net.id, biz.id, or.id, web.id, my.id, ac.id, sch.id, desa.id, go.id, and mil.id registered before April 21st 2014.
• The domain name is registered at the SLD .id.
• Domain format is: [Domain Name]. id.
• Domain consist of a – z, the numbers 0 – 9, dan strip.
• Domain length at least 5 characters and maximum of 63 characters (domain registration less than 5 characters can be done with special permission from registry).

Administration Fee: Rp 250.000, – (one time cost)
Acquisition Cost: Rp 2.500.000, – (one time cost)
Annual Cost: Rp 500.000, – (pay to domain registrar after approval)

After signed up with our web hosting you will be able to use professional looking own domain email yourname@yourdomain.com. However your existing customer might still recognize your free email.

Checking several inbox will be time consuming. To overcome this, we can make use of email forwarding. Email forwarding is an email feature to automatically forwarding email received on one email to another email. So you just need to check one email account.

Below is step to set up email forwarding on popular email provider:
Configuring Email Forwarding on Gmail
Configuring Email Forwarding on Yahoo

Usually mail provider required you to click verify link on email to proof that you are the owner of the destination email that request email forwarding. This is to prevent abuse user to forward unwanted emails to you.

More and more peoples are searching products through the internet. Even we are often use search engine to find product we want to buy. This is the time to make we as the search object.

Website cost is very cost efficient compared to newspaper or even tv ad. Website is open 365 days a year, meanwhile ad on newspaper only for several days long, and tv ad only last a few seconds.

Having a website for you business will increase your sales. We can be a candidate to be shown on search engine when other people is searching for product that we sell. They also can share our website link with friends if they like our product and service.

Website has largest potential visitor scope, your customer can come from around the world. Tv and newspaper audience often in a city or nation scope.

An important point to have website is to increase trust. More trust mean more sales. Customer will think that we have a legitimate business if we have website. Self owned domain email also important to make relation with vendor. Some vendor even will reject order come from free email provider.

Internet users have increase exponentially. More peoples getting easier to have internet access.

We should not missed this opportunity before competitors do.

The Heartbleed bug is a serious vulnerability in OpenSSL 1.0.1 through 1.0.1.f.

This vulnerability allows an attacker to read chunks of memory from servers and clients that connect using SSL through a flaw in OpenSSL’s implementation of the heartbeat extension.

OpenSSL provides critical functionality in the internet ecosystem, and therefore vulnerabilities, such as Heartbleed, have a significant impact on digital communications and their integrity.

we had regenerate SSH key as well as reissue all SSL certificate in use in order to protect customer datas.