nanog mailing list archives
Re: register.com down sev0?
From: Jeremy Chadwick <nanog () jdc parodius com>
Date: Fri, 27 Oct 2006 23:12:18 -0700
On Sat, Oct 28, 2006 at 12:39:31AM -0500, Chris Owen wrote:
The spam I got was directly from register.com. It came with a register.com return email address, pointed to a register.com web site and came from an IP address the resolved to *.register.com (I will admit I didn't confirm the netblock belonged to them). I've never done any business with them and the spam was for a domain name "renewal" for a domain registered elsewhere. In other words, it was a classic whois scrapped spam.
Some clarification: the information is probably not being "scraped" via WHOIS. You're not allowed to scrape via WHOIS. Deceptive companies who want to get around this simply buy the WHOIS records (I should be more precise: the data that would appear in a WHOIS lookup) from the registrar directly. I can point you to an Email thread discussing this find, which includes couple statements from OpenSRS's Product Manager (who in a roundabout way admitted that anyone can buy their WHOIS database), if you'd like. This doesn't explain the spam, but it I really do not see any purpose to buying a registrar's copy of customer WHOIS records other than for mass-marketing. This is bad business in general.
As I've previously said, this isn't like its some sort of borderline case where someone in one part of the company is doing something that someone else doesn't know about. These guys are pretty hard core. I'd say I get 20-30 emails a year from them for various domain names I'm a contact on. I've also received USPS spam which is another story but no less unethical since they are all these BS "renewal" type letters. They might not be "Domain Registry of America" but they are hardly innocent.
I've mentioned this on NANOG before. See the thread about why I refuse to put legitimate contact information (Email contact information is always valid; just not the address or phone number) in our domain WHOIS records. The DROA is half of the reason; the other half is what I described above. The entire situation is depressing, solely because ICANN is doing absolutely nothing to try and stop this sort-of behaviour (both what the DROA does, and registrars selling their customers' WHOIS records to whoever bids the most for it). -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Current thread:
- Re: register.com down sev0?, (continued)
- Re: register.com down sev0? Chris L. Morrow (Oct 26)
- Re: register.com down sev0? Fergie (Oct 26)
- Re: register.com down sev0? Daniel Senie (Oct 26)
- Re: register.com down sev0? Chris L. Morrow (Oct 26)
- Re: register.com down sev0? Fergie (Oct 26)
- Re: register.com down sev0? Tony Li (Oct 27)
- Re: register.com down sev0? Charles J. Knipe (Oct 27)
- Re: register.com down sev0? Albert Meyer (Oct 27)
- Re: register.com down sev0? Donald Stahl (Oct 27)
- Re: register.com down sev0? Chris Owen (Oct 27)
- Re: register.com down sev0? Jeremy Chadwick (Oct 27)
- Re: register.com down sev0? Donald Stahl (Oct 28)
- Re: register.com down sev0? Patrick W. Gilmore (Oct 28)
- Re: register.com down sev0? RL Vaughn (Oct 28)
- Re: register.com down sev0? Albert Meyer (Oct 27)
- Re: register.com down sev0? Gadi Evron (Oct 27)