nanog mailing list archives
Re: 'Whois protection service'
From: Joshua Brady <somitho () gmail com>
Date: Wed, 26 Jan 2005 22:47:58 -0500
On Thu, 27 Jan 2005 16:26:00 +1300 (NZDT), Mark Foster <blakjak () blakjak net> wrote:
Hi folks.
Hello Mark,
Don't post a lot here but i'm figuring you folks will know more about this than my local NOG...
Glad to have you on NANOG.
When investigating a host that spammed me today, I noted that when I whois'd the domain that the mailserver involved has forward/reverse dns pair for, the domain whois information comes up as follows: Found crsnic referral to whois.enom.com. Registration Service Provided By: Registerfly.com Contact: support () registerflysupport com Visit: http://www.RegisterFly.com Domain name: xmux.com Registrant Contact: RegisterFly.com - Ref# 14155933 Whois Protection Service - ProtectFly.com (14155933.fly () spamfly com) I'm unsure how appropriate it is to post anything more specific in the open forum, but i've never seen this before. Whats the deal with hiding a domain name owners true identity? Is this not simply yet another protect-the-spammers mechanism?
It will probably be called off-topic, flamed and dragged through the mud, yet to answer your question. It is fully legit, yet it does have its bad sides. I use it personally to keep prank callers from calling me directly. [soms@posche /]$ whois somsworld.com [Querying whois.internic.net] [Redirected to whois.godaddy.com] [Querying whois.godaddy.com] [whois.godaddy.com] Registrant: Domains by Proxy, Inc. 15111 N Hayden Rd., Suite 160 PMB353 Scottsdale, Arizona 85260 United States Registered through: GoDaddy.com Domain Name: SOMSWORLD.COM Created on: 25-Aug-04 Expires on: 25-Aug-05 Last Updated on: 18-Jan-05 Administrative Contact: Private, Registration SOMSWORLD.COM () domainsbyproxy com Domains by Proxy, Inc. 15111 N Hayden Rd., Suite 160 PMB353 Scottsdale, Arizona 85260 United States (480) 624-2599 Fax -- Technical Contact: Private, Registration SOMSWORLD.COM () domainsbyproxy com Domains by Proxy, Inc. 15111 N Hayden Rd., Suite 160 PMB353 Scottsdale, Arizona 85260 United States (480) 624-2599 Fax -- Domain servers in listed order: NS1.HITMANIT.COM NS2.HITMANIT.COM
I followed up the chain - the authoritive DNS servers for the domain in question are hosts within a different domain, and this also has the same protection engaged.... Is this old hat or something new? Is this still conformant to standard .com/net registrant rules and regs? (here in .nz, the registry information is required to be current and valid, and i've never seen a Registrar pass itself off as the owner of a domain before (at least in any legitimate situation))
It is all current information, and valid. I have gotten letters passed through to me from godaddy. Its a perfectly legit situation. Yet in your case it may not be, and it may be used to hide the person.
Thanks in advance, Mark.
-- Joshua Brady
Current thread:
- 'Whois protection service' Mark Foster (Jan 26)
- Re: 'Whois protection service' Joshua Brady (Jan 26)
- Re: 'Whois protection service' Valdis . Kletnieks (Jan 26)
- Re: 'Whois protection service' Mark Foster (Jan 26)