Last night a friend noticed that using his domain there were a couple spamhosts floating around on the Internet promoting the usual (porn, cialis and the like). We host(ed) his DNS through everydns.net's free service (which aside from one downtime and this incident has been outstanding over maybe six or eight years). It's a free service, powered by donations.
Here is the run-down
The DNS (Domain Name System) is used to map fancy hostnames to IP addresses, so for example whenever you go to www.google.com, the name servers listed on google.com make sure that you are send to the correct computer so you can do your search.
My client's domain: example.org
The spam host: freejoin.example.org
How did it happen?
Everydns.net treats all domains equal, so when we put ns1 through ns4.everydns.net on the domain as authoritative nameservers, the abuser added freejoin.example.org to his account on everydns.net and added a dozen of hosts "beneath" it to advertise their services.
I am surprised that no one had noticed anything like that before.
Solution
In this case we moved the DNS to another server and that fixed the situation for us.
David Ulevitch, the owner/founder of everydns.net, was notified (2008/05/04) prior to writing this blog post and he let me know that the bug is being fixed.