What the New Canadian Anti-Spam Legislation (CASL) Actually Means

Last week I became aware of a flurry of attention around forthcoming Canadian Anti-Spam Legislation. ITBusiness.ca ran a twitter round-up under the hashtag #BeCASLReady and suddenly it seemed this was the next big internet legislative thing to be aware of up here in Canada.

So after our cursory examination of the text of the legislation, here is our take on it and what it means (usual disclaimers apply, we aren't lawyers).

Read more »

Core infrastructure rebuild is complete

We posted a little while ago about upgrades we've been working on (infrastructure improvements).  We have now completed a second round of upgrades, this time a rebuild of our core infrastructure.

This system is running the latest XenServer and has network IO of 64Gbits/s .

This server farm is homogenous which makes it possible to perform live migrations.

A major change is that we're now using Juniper equipment and for iSCSI we're using CISCO catalyst.

We have full power redundancy with 6 power supplies in a blade system which is m1000e and equipped with Intel SSD drives. We took photos before and after so you can get a real sense of how much things have changed.



Green: trunk, black: primary iscsi, red: secondary iscsi, blue: internal, yellow: external

What's next?  We will build one more core cluster and create pool redundancy … so stay tuned :)

What We Are Doing About Chronic DDoS Attacks

[ Yesterday we started sending this in an email to all members on the system. We are posting it here for reference.  ]

The number of DDoS attacks directed against the easyDNS system (indeed across all DNS providers) has escalated this year and we wanted to bring you up to speed on measures we are taking to deal with this.

The big problems we face when a domain here is attacked is that we initially have to figure out who the target is, and while the attack is in progress, all the domains sharing the same name server delegations are impacted, sometimes moreso, sometimes not so much depending on the intensity of the attack and the seamlessness with which we can activate mitigation strategies with our mitigation partners.

We are admittedly not satisfied with how the last two DDoS attacks went. The August 12th attack was not very intense and should have been easily handled. It wasn't and it was the final straw in a string of disappointments here. As a result we've made a fundamental change in our mitigation partner strategy and it had already proved worthwhile during the Aug 28th attack. We continue to implement more improvements.

Additionally, starting this fall we will be moving to a new name server numbering scheme, one that will drastically reduce the number of domains that share a particular name server delegation.

This will give us the ability to instantly identify the target of a given DDoS and at the same time, limit the impact of the DDoS to the targeted domain(s).

Doing this requires some re-engineering on our part and the last of those updates are scheduled to be completed this fall.

We will send another email when we are ready to implement the new naming structure.

In the meantime, if you operate a mission critical domain which must have 24×7 DNS availability at all times, please read the following carefully: Read more »

Announcing: easyRoute53 adds Fully Managed option

Since we released our easyRoute53 interface for managing Amazon Route 53 DNS zones, we've had many customers take advantage of the ability to add redundant DNS service and have their easyDNS zone data automatically replicated on Amazon Route 53 nameservers – without the need for any custom programming.

There are, however, a few steps in the setup process for easyRoute53 that have not been as straightforward as they could be – since it required creation of an account and API keys with Amazon, separate billing from Amazon for DNS usage, and if anything went wrong on the Amazon side, you had to purchase additional support from Amazon or try your luck in the user forums.

To address these issues, we've partnered with Amazon and are happy to launch a new 'fully managed' version of easyRoute53 – we'll create Amazon API keys for you, easyDNS handles the billing, and as always, you can contact our clueful support team for assistance if you have any questions or difficulties.

To get started with fully managed easyRoute53, follow the steps outlined at http://www.easyroute53.com/managed.php

Announcing the Toronto Bitcoin Summit 2013

We're thrilled to be a part of the Toronto Bitcoin Summit 2013, the inaugural event to be hosted at The Academy of the Impossible. The Academy is an open source social enterprise operated by Metaviews Media Management.

Many of you may know Jesse Hirsh, a longtime media maven, hacker, broadcaster and visionary who is the driving force behind the Summit. Joining his team to put this together is HeavyComputing.ca (who happen to host some of the underlying guts of easyPress.ca) and easyDNS, the coolest domain company in the known universe.

Keep track of the program as it develops at:


We're looking forward to seeing you all there.


The Origin of the Gods


It's been awhile since we posted under the "Who Uses easyDNS" section. This morning I was perusing the daily changes for our nameservers and noticed the following domain just transferred in: originofthegods.com.

Having grown up on a steady diet of C.W Ceram, Greek mythology, The Golden Bough, et al I was pretty much hooked by the title. Read more »

DNSResolvers open resolvers will be shut down.

We recently made the decision internally that our DNSResolvers.com had to cease being open resolvers. We were still trying to figure out the best way to transition to an authenticated model gracefully.

However, tonight we were DDoS-ed against those open resolvers and while our core easyDNS authoritative DNS services were not impacted,  our customer environment was slightly degraded and URL forwarding and mail forwarding experienced slowdowns. So that settles it: the DNSResolvers.com publicly accessible resolvers are going away sooner than later.

We may offer authenticated resolver services for our customers in the future, but until we get there if you are using DNSresolvers now, you should switch away to another option immediately.

Two spring to mind: OpenDNS and Google's Public DNS.

DNSResolvers was free, it was not our core business, and we now exist in online environment where nobody should be running open public resolvers unless they are  devoting ample resources toward making sure they aren't part of the DNS amplification problem.  The moment it interferes with our core business (like it just did) is the time to jettison it.

Nobody wants their paid services degraded by a DDoS against some free service that gets rampantly abused and shouldn't be wide open anyway. We're sorry to have to pull the plug on it and we would appreciate your understanding.

P.S if you don't know what resolvers you are using, we have a tool for detecting that at MyResolver.com. If it says or then you are currently using DNSResolvers.com and you need to switch away.

This is what your registrar sees when your domain is seized under a sealed warrant.

We've commented before on the ramifications of US agencies operating via registry operators to seize domain names. What it effectively does is put all domain names registered under .com/.net/.org/.biz under the jurisdiction of US law, for better or for worse.

Although I have never heard of the domain name that was seized (it looks like one of those pharma sites based out of Russia), I still find the process somewhat unsettling as it makes clear that US policymakers or lawmakers can simply take any domain they want off the air first, and any questions about it have to be asked later.

As I wrote in "First they came for the file sharing domains" a few years back, it may just be some "pharma domain" today, but given the way things are heating up with whistleblowers and ever escalating government surveillance, who knows what tomorrow's "courtesy email seizure notice" will bring?

Hi! We've seized your customer's domain under a sealed warrant. Have a great day! *smooch*

Hi! We've seized your customer's domain under a sealed warrant. Have a great day! *smooch*

Read more »

Memo to ICANN: Registries Need To Price In Bitcoin

ICANN's job as an oversight body to the global naming system is (supposedly) to weigh the needs of all global stakeholders and to try to address regional, national and linguistic requirements. In practice, not much of this happens, so we're left with an internet where most domain name registrants are subject to US law and the whims (including bouts of cluelessness) of US policy makers.

One of the other ways in which domain policy and the competitive landscape is heavily skewed in favour of US based entities stems from the fact that most registries price their base wholesale costs in US dollars. As I wrote previously, this heavily favours US business participants in a scenario where the US dollar is weakening. Given the monetary policies of the last few years (and despite the current counter-trend rise in the USD), the USD is headed lower over the years to come and in doing so, non-US companies will be perpetually squeezed to keep pace with the downdraft while their US counterparts will simply be pricing in their native currencies and largely immune to these currency pressures.

IF ICANN were truly concerned with global governance and stewardship and IF they wanted to implement a system where international competition took place without home team advantage for the Americans (in other words, IF they wanted "a level playing field"), then they would be able to do this by having the registry operators start charging their registrar customers in a non-national currency, and by this I mean something like Bitcoin. Read more »

Announcing easyPress, managed WordPress hosting – high performance wp with built-in disaster recovery

It was nearly a year ago when Victor Granic asked to pick my brain around “how to build an awesome company” (Thanks Victor, that’s quite a compliment). He was building a startup that was doing a lot of WordPress development. Similar to the precursor company from which easyDNS came out of, they found themselves hosting their customers internally because it was (and still is, until now) difficult to find places that do managed WordPress hosting properly. (It’s not as simple as throwing the latest WordPress tar ball into a cpanel server somewhere. Anybody who’s ever had to run and maintain a production level WordPress installation probably already knows this.)

After we talked about the culture of a company, where it comes from and how to sustain a healthy one over the years, we had an idea: Why don’t our respective companies collaborate on a managed WordPress offering? Victor and his team would continue to build the guts of the hosting platform while we would be the DNS and failover layer and then support it. Thus, easyPress was born. Read more »

Status Updates

Receive new posts via email


easyPress.ca Managed WordPress Hosting
Fully Managed
WordPress Hosting, eh