On Wed, 1 Mar 2000, Kevin Day wrote:
NSI seems to have modified their WHOIS response format again, now including full information about each contact. Again, this broke one of my scripts since nothing is where it's supposed to be. Didn't they promise before to notify people before they did this again?
They've done more than that. For example: $ whois -h whois.networksolutions.com 'dvdreviews.com' Yields the whois.crsnic.net data. I've been seeing this pop up whenever I run a particular report which involves yanking down whois data for about a week now. As near as I can tell, it's happening to domains placed on hold for non-payment, although I've got quite a few unpaid domains on our nameservers right now that still come up as expected. Over last weekend, I was also seeing random corruption of outputted whois data, over most queries I tried making. Earlier this week, I was seeing whois output from crsnic that, while it appeared kosher, was just plain wrong; a second request for the same data five minutes later would return the correct output. I've given up hope on whois at this point. My stock answer to people now is, "We don't know why your domain has been taken out of the root servers, here's Network Solutions' support number, plan on being on hold for a while, best of luck".
I'm not sure if this is intentional or not, but it's really ugly. If it's a bug, yuck.
If you're parsing the whois output at all, parse the output of "dump <elem>" instead; for example: $ whois -h whois.networksolutions.com 'dump dom logic.net' or, for handles... $ whois -h whois.networksolutions.com 'dump han em69' That will give you results which are far easier to parse. I haven't seen a format change in that output that has affected any of my scripts since I found out about it over a year ago. -- Edward S. Marshall <emarshal@logic.net> http://www.nyx.net/~emarshal/ ------------------------------------------------------------------------------- [ Felix qui potuit rerum cognoscere causas. ]