At least for sites where I am expected to leave money (web shops) that would mean aggressive blocking of subdomains (just for security reasons).<p>I never cease to be astonished of stupidity. I can imagine that this tactic leads to all sorts of liabilities for the primary domain owner. Finally someone will deliver malware via this route.