On Sat, Oct 28, 2006 at 12:39:31AM -0500, Chris Owen wrote:
The spam I got was directly from register.com. It came with a register.com return email address, pointed to a register.com web site and came from an IP address the resolved to *.register.com (I will admit I didn't confirm the netblock belonged to them). I've never done any business with them and the spam was for a domain name "renewal" for a domain registered elsewhere. In other words, it was a classic whois scrapped spam.
Some clarification: the information is probably not being "scraped" via WHOIS. You're not allowed to scrape via WHOIS. Deceptive companies who want to get around this simply buy the WHOIS records (I should be more precise: the data that would appear in a WHOIS lookup) from the registrar directly. I can point you to an Email thread discussing this find, which includes couple statements from OpenSRS's Product Manager (who in a roundabout way admitted that anyone can buy their WHOIS database), if you'd like. This doesn't explain the spam, but it I really do not see any purpose to buying a registrar's copy of customer WHOIS records other than for mass-marketing. This is bad business in general.
As I've previously said, this isn't like its some sort of borderline case where someone in one part of the company is doing something that someone else doesn't know about. These guys are pretty hard core. I'd say I get 20-30 emails a year from them for various domain names I'm a contact on. I've also received USPS spam which is another story but no less unethical since they are all these BS "renewal" type letters. They might not be "Domain Registry of America" but they are hardly innocent.
I've mentioned this on NANOG before. See the thread about why I refuse to put legitimate contact information (Email contact information is always valid; just not the address or phone number) in our domain WHOIS records. The DROA is half of the reason; the other half is what I described above. The entire situation is depressing, solely because ICANN is doing absolutely nothing to try and stop this sort-of behaviour (both what the DROA does, and registrars selling their customers' WHOIS records to whoever bids the most for it). -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |