I’m sure this is old news to some people but it’s the first time I’ve seen it show up in my logs before. In the last twenty four hours three different hacked .edu domains have shown up in my logs. Stanford.edu, UCNE.edu and ISI.edu have all been at least somewhat compromised where the domains now host spam sites. Not so good.
Clearly the administrators of their domains have got some work to do to secure their sites. But it does cast some doubt on the “good” and “bad” domain concept. When a good domain goes bad, is it breakout (intentionally getting a good reputation and then converting to be bad) or is it spam? Either way, it’s clearly bad, but what to do about it? Do you blacklist the pages or the whole domain? That’s gotta make life a little harder for the search engines that try to stay away from spammy domains. Perhaps reputation and link popularity is a bad model afterall.