elind Posted January 30, 2009 Posted January 30, 2009 I sometimes notice on spamcop reports that the contact email for a report is something like a yahoo or gmail address, but the spam has no connection with yahoo or similar. Also the name is typically a person, rather than "abuse" or something like that. Of course I also see many individual names on reports to Hungary and Russia and other black holes. The question is simply, are there any firm rules about such matters? Are registrars (not that I know how the system works) not required to uphold any particular standards and could one not do a whois lookup and inform the registrar if there was a violation, if one had the time to do so?
Telarin Posted January 30, 2009 Posted January 30, 2009 Nope, a domain registration does not have to include an email address, much less an email address at a particular domain. However, the information that is provided is required to be correct, so if you find an email address listed in a domain registration record that does not work, you can inform the registrar, and theoretically, they are required to contact the registrant and inform them of the problem.
rconner Posted January 30, 2009 Posted January 30, 2009 I sometimes notice on spamcop reports that the contact email for a report is something like a yahoo or gmail address, but the spam has no connection with yahoo or similar. Also the name is typically a person, rather than "abuse" or something like that.Nothing suspicious there. Of course I also see many individual names on reports to Hungary and Russia and other black holes.Not all Russian or Hungarian addresses are bogus, this isn't by itself suspcious either. Certainly if the IP address were in a Russian net block, one would expect the contract address to be with a Russian ISP. IF the block is small or does not have an MX host in it, then these would be excellent reasons for using an "outside" address. The question is simply, are there any firm rules about such matters?I think the policies for IP-WHOIS vary among the regional internet registries. The policy for domain registrations (which do not come into SpamCop's sights) is more uniform, but is also distinguished by soporific lack of enforcement by registrars and by ICANN. Since IP addresses are more "valuable" than domains (i.e., IPs tend to get allocated to "responsible parties" whereas domain names can be assigned to anyone with $10 left on his Visa card) I think there may be less problem with bogus contact data in the IP-WHOIS world. That said, I do see the occasional spam that traces to an address that has NO e-mail contact data in the IP-WHOIS data (not sure how this happens). -- rick On edit: Started to addrss domain-WHOIS, but realized that it doesn't apply here.
Wazoo Posted January 30, 2009 Posted January 30, 2009 Are registrars (not that I know how the system works) not required to uphold any particular standards and could one not do a whois lookup and inform the registrar if there was a violation, if one had the time to do so? The bottom line is that the only data actually needed/required is to allow a method of contact between the Registrar and the 'customer' ... that may be a phone number (voice or FAX) an e-mail address, a street address .... on the food side of things, there probably isn't much contact beyond the "next bill is due" dialog, and if the 'cunsomer' takes care of that before the end-date, even that correspondence wouldn't be needed. There are the Registrars that offer "protected" modes by providing their own details in the WHOIS data, basically to protect the customer's e-mail address from scraping ... allegedly handling any other incoming correspondence to that Domain owner, either directly or forwarding it on. Enough violations have occurred over the years, coupled with Registrar inactivity that ICANN set up a reporting page just for that purpose. Some folks have had some success at getting something to happen that way, others have not been so lucky ... but part of that may be based upon the content/details (pr lack thereof) provided in the complaint.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.