Detecting Anonymously Registered Domains 97
Spamresource.com has up a piece describing a new service that could be useful in evaluating the reputation of sites you deal with — anonwhois.org returns information on domains registered anonymously. It provides a DNSBL-style service that "is not a blacklist and wasn't meant to be used for outright rejection of mail." Only 619,000 domains are listed so far, but more are added as they are queried, so the database will grow more complete. Anonwhois.org seems to be a sister site to Spam Eating Monkey.
Continued misuse of blacklists (Score:5, Insightful)
It provides a DNSBL-style service that "is not a blacklist and wasn't meant to be used for outright rejection of mail.
Which of course means that in a year or two us mail administrators will start encountering mail servers that have been setup to reject mail based soley on them being on this blacklist.
Re:Continued misuse of blacklists (Score:5, Informative)
It provides a DNSBL-style service that "is not a blacklist and wasn't meant to be used for outright rejection of mail.
Which of course means that in a year or two us mail administrators will start encountering mail servers that have been setup to reject mail based soley on them being on this blacklist.
Yeah, I urge everyone to exercise caution here ... I looked at the stats [anonwhois.org] and was a little concerned about 123k domains (20%) being domains by proxy. I host a site as a hobby and enjoy tinkering with forums and the like on it. I also don't like the idea of someone looking up my home address via whois and showing up at my front door to complain about something someone said on one of these forums. As a result, I opt for my ISP to be my proxy on the registration of the domain. Now, I know you think that means I have something to hide but I just really don't want my address and name out there because all I would have to put there is my house address.
Granted, my domain's not no the list and I'm not using it as a mail server (yet), I sympathize with hobbyists, non-profitable sites and people who value privacy. Keep that in mind if you're going to utilize this site as an auto-reject authority.
Re: (Score:2)
very single domain involved in spamming or hosting landing pages ARE registered anonymously or have fake contact details, because the lowlife, scumsucking, asshole criminals behind them DO have something to hide. If you want to set up a mail server on your anonymously registered hobbyist domain ... well ... good luck with that. Just another thing you can thank the spammers for.
So obviously the correct response to this is to block anyone with an anonymous registration. Shall we apply similar logic to forums? If so , you wouldn't be allowed to post here without including your home name address and phone number. After all, forum spammers always register under fake names.
I get it though. It's definitely better to blame the victims for the troubles that spammers cause, and punish them in the name of punishing spammers. Tha
Re: (Score:1, Interesting)
I never said anything about blocking anyone, but I WAS trumpeting the usefulness of real contact data on domain registrations. As with all other black lists, it's advice you take or advice you don't take. Uninformed decisions are the domain of kneejerks, feelgooders and people who are out on a mission, not professionals whose job (or reputation) hangs in the balance.
I'll start looking up everything on this list, and if 99% of what is otherwise considered spam is also on the list after a few months, I'll sta
Re: (Score:2)
I am not sure I agree. Anonymity on the internet is valuable and important. A domain is kinda formal though. Slashdot for instance is somewhat responsible for the content here. They don't need to really police it but if it were brought to Taco's attention people were arranging drug deals or something they would be obligated to help, the authorites.
All and all I think its a good point of balance; if you are going to have your own domain there should be a responsible part that can be easily determined and
Re: (Score:1, Redundant)
There is already - you contact the email in the whois (if there isn't contact info on the site). In some cases it's unique email that goes directly to the site owner, sometimes you have to specify the domain in message and they send it to correct owner. In either case you will get the email delivered. If authorities need to contact the domain owner or know who it is, registrars will give them the info. Anonymous whois data doesn't mean you can break laws and do whatever, it just means that spammers/weirdos/
Re: (Score:2)
That is my point though with proxy registered domains I very often don't have away to contact the responsible party. I am network administrator. I frequently use whois to find out who to call when there are issues relaying e-mail; or I am being spam by that domain, and various other reasons.
Generally people who are registered in who is tend to be available and get in touch with each other. We usually can figure out what the problem is and whose problem it is, efficiently and get the issue resolved for ou
Re: (Score:2)
My solution is to determine who is hosting the abusive domain (just look up the netblock owner on netcraft, that's usually good enough), then complain to the web host. So far it's worked every time, and I don't need to know the domain owner's name, contact info, or anything else about 'em.
Re: (Score:1)
Yes and no. At any rate, it's no where near as simple as you make it sound. The proper, legal, paperwork littered path takes weeks if not months. And there's no way to know if the information given to the proxy is bogus or not. There are thousands of public registered domains with BS contact records. (and many are immediately obvious) I'm pretty sure bogus information is given to Domains By Proxy as we
Re:Continued misuse of blacklists (Score:5, Interesting)
Anecdotes are not data (and a mailbox works as a contact address).
Maybe in the US. What do you suggest those in the other countries, which have dropped the usage of mailbox addresses, do? No, I'm not putting my home address on the internet, and no, I'm not registering a costly company (with all the tax filing and other things) just so I can register a domain for a hobby site.
Everyone should also be able to be tell their opinion anonymously (interestingly you also posted as anonymous coward).
I'm waiting for your insightful answer.
Re: (Score:1)
And when will people learn there is no such thing as "anonymous"? Esp. online.
If you don't want your name associated with your (home) address linked to a domain name -- which is yet another public record -- then don't register a domain in your name with your home address.
Re: (Score:2)
What address do you use, then?
I think the UK way of doing it is right - let "non-trading individuals" have an option to hide their address but make companies show it. That way the ones you need to have an address for to help with trust issues (companies) have the details shown and those who don't show it (individuals and hobbyists) still have it recorded in case of legal proceedings, but their home address isn't there for every crazy nutjob to see and associate with a domain. The .com method of making every
Re: (Score:3, Interesting)
Operating a server with internet services is contrary to popular belief not for amateurs and basement dwelling guys of the "Hmmm. Lemme se how this works. Ooops!" persuasion. The internet is a global collaboration based on informal (and some not so informal) rules. It's not a testing ground for stuff you found on Google or software you downloaded from Sourceforge.
Wow! The internet is some serious shit! I thought I would just log on and, like, clear up the tubes and make a really wicked site, brah! So tell me, how do I get to be as fucking awesome as you if I can't tinker with hosting a real server with real internet services on the real internet?
Do you imagine that I am paying $70 a year to a web hosting company so that I can open all the ports on their servers, drop my pants, bend over and wait for the first botnet to have their way with me?
Contrary to
Re: (Score:1)
And the internet has changed a great deal over those 12 years. I've been around the internet for ~20 years... before there were firewalls, back when spam was a caned meat product. The internet didn't consist of millions of complete morons trying to make a buck (which is where SPAM came from), bored teens out to break other peoples stuff, or thugs, gangs, and other criminal organizations out to steal and extort money from anything they can find. (phishing, fake websites, botnets, trojan keyloggers, etc.)
Si
Re: (Score:3, Insightful)
"It's not a testing ground for stuff you found on Google or software you downloaded from Sourceforge."
Now, that's an interesting take. I mean, the internet was BUILT by people doing that sort of thing, wasn't it? Geeks and nerds finding ways to do cool stuff. You're suggesting that the days of innovation are over, and everyone needs to toe the line, or the internet police will come calling?
Granted, I understand what you're trying to say - there is a lot of serious business conducted on the internet, and
Re: (Score:1)
that is what PO boxes are for, unless i misunderstood something. They can still call you, but they can't drive to you.
I have a domain thats been up for 4 and a half years, mild traffic, and i have yet to have someone call me or knock on my door.
I have gotten spam mail about switching to another domain register and paying $60 a year for basic services, like DNS.
Re: (Score:2)
In some parts of the world, PO Boxes are not particularly cheap and are absolutely not anonymous. In the UK they cost a bunch (I forget specifics, but it's waaay more than an extra $9 per year for each of the few domains I have set up with DBProxy), and ANYBODY can obtain the name and real-address of the owner simply by writing and asking the Royal Mail.
That's right - no court order, no lawyer intervention, just ask. (There are some specific cases where that doesn't apply, but the general "there are dickhea
Re: (Score:1)
Re: (Score:2)
From the Royal Mail website : "A PO Box® costs just £62.85 a year or £51.00 for six months." ... £192 per year, another company won't say, a local provider £240/year. Not exactly a cheap option.
Not particularly cheap.
Personally, at that sort of price I'd be tempted to persuade a big, old and ugly friend to give me a "care-of" service : all addresses "care of Big Ugly Bastard, [address]".
Other providers
Re: (Score:2)
Why do you insist on blaming 'everyone' for the stupid actions of a few? Keep your hands off our black lists dammit!
It sounds like he was simply pointing out the likelihood that some idiot mail admins will end up misusing this in a way that punishes everyone for the actions of a few. Unless you were intending on doing that, it was not referring to you.
Re: (Score:2)
Jeez man, chill.
Stupid (Score:5, Insightful)
In 2010, who *doesn't* use a "hiding" service for a domain? For fifteen years now you'd basically have to throw away any e-mail address on a domain, and get inundated with physical spam on any mailing address used.
Black listing domains because the owner doesn't want to deal with jackass spammers and bulk mailers is just stupid.
Re: (Score:2, Funny)
In 2010, who *doesn't* use a "hiding" service for a domain?
Many legitimate companies like to clearly indicate who they are. For example, IBM.com is listed as:
Registrant:
International Business Machines Corporation
New Orchard Road
Armonk, NY 10504
US
Administrative Contact:
IBM DNS Admin dnsadm@us.ibm.com
IBM Corporation
Re: (Score:3, Interesting)
Re: (Score:2)
On the other hand, how many people put up their DOB on their websites?
May I remind you that Facebook is a website too?
Re: (Score:3, Insightful)
This has to be the brainchild of a spammer or someone who hasn't been a domain owner for very long (if at all).
The parent has a VERY good point about scammers and spammers scraping whois for personal information to use for whatever nefarious purpose.
Consider also that for the many people who register their own domains, the address listed is their personal physical address.
Anyone who ISN'T using an anonymizer is opening the floodgates for scamming and spamming.
Re: (Score:2)
Some people are so anal-retentive that they just can't deal with an "invasion" of their personal space by something as disorderly as spam. So rather than deal with their own psych issues, they inflict 'em on the rest of us.
Yeah, spam sucks; yeah, spammers should die horribly. But that doesn't mean everyone else should be forced to suffer MORE spam (or in some cases, a very real fear of exercising free speech) so that some people can have an utterly orderly universe.
Re: (Score:1)
Domain registration doesn't ask for anything that isn't public knowledge already. All proxy services do is hide who actually uses the domain. By ICANN rules, the proxy owns the domain; they are the registrant. They can do whatever they please with "your" domain and you have little power to stop them. And of course, you have to pay for the service.
Re: (Score:3, Informative)
I use a PO Box for my domains and don't put my real name on anything I register. It at least keeps away most crap. For email, I always just list a GMail address now and they do a pretty good job filtering out any spam I may get through it.
Re: (Score:1, Insightful)
And you do realize that, in the United States, it is a PMITA Federal Crime to register a domain with false information.
Absurd, yes. But true.
Re: (Score:1)
No, it is not. Back that up with the actual law there Anonymous Coward.
Re: (Score:1, Insightful)
I don't use a hiding service. I've owned my domains for 10 years. My name, PO BOX, and phone number are all real. I can't really say it has been an issue.
I realize the irony of posting as anonymous coward, but every time I create an account I get modded down as flame bait for being a m$ fan boy.
Re: (Score:1)
I've had domains registered in public for many years. I get almost NONE of what you whine about. Yes, I've received some postal mail over the years -- mostly Register.com bullshit trying to scam away one's domain registration. I've received many orders of magnitude more junk mail (postal mail) from "mortgage insurance" crap, car warantee crap, various retirement related shit, credit card offers, and so on. Spam is next to nothing even though it's in the whois data and dozens of archived, searchable emai
What's the point? (Score:3, Insightful)
Congrats, you are the proud owners of a text parsing machine.
Re: (Score:2)
This place:
http://www.lawndartparts.com/ [lawndartparts.com]
sells the parts on their own, so you wind up paying around $200 for a whole set, but if you really want them, you can get them.
Re: (Score:1)
Dumb idea. (Score:3, Insightful)
I can't think of a good use for this flavor of dnsbl... too little correlation with anything that matters. A lot of privacy-conscious domain owners use private registration, and it has nothing to do with using the domain for spam or other nefarious purposes.
Fake Chinese Addresses (Score:2)
Fake whois info (Score:2)
I'm not a spammer, so why should I be honest and publish my true whois info? Whenever I do, cold-callers bug me at 11pm for security systems, credit cards, and worse; if I leave for more than 5 days my mailbox gets so full of junk mail they stop delivering until I go downtown for it. And since I am not abusing anyone, no one has a concern about how to call me, except those that want to spam me -- am I truly the scum of the earth for hiding? Or why should I pay for a po box and answering voicemail for the
Re: (Score:2)
Use a proxy service. It's not fake info, but it adds a level or indirection.
Re: (Score:2)
RTFA jackass, it's proxies that are getting listed.
Re: (Score:2)
Fair enough. Though marking down for using a proxy service (often provided by the registrar) seems like a really, really bad idea. My whois information isn't inaccurate, fake, or anonymous. It's closer to a pseudonym, since I can still be contacted easily.
On the other hand, I've seen people putting in fake information. Then, you can't contact them at all. Shouldn't that be the problem?
Re:Fake whois info (Score:4, Informative)
10 domains at $9/yr each for privacy gives $90/year extra. A PO box costs $45 or so a year. For any more than 5 domains, it's cheaper to go the PO Box route.
Re: (Score:2)
In order to avoid the overpriced fees for that, I just got a PO box and use an invalid phone number.
10 domains at $9/yr each for privacy gives $90/year extra. A PO box costs $45 or so a year. For any more than 5 domains, it's cheaper to go the PO Box route.
Hate to tell you this, but most registrars/hosters provide the service for free. I have a dozen or so domains, all use whois privacy proxy, and I've never paid a penny for it.
Re: (Score:2)
- Then you're using false WHOIS info, which is against ICANN policy. It seems you're agreeing with the GP - WHOIS data gets abused, there's a good reason to hide it. .ca, for example - it's turned on by default.
- Domain protection varies with registrar.
Re: (Score:2)
- Then you're using false WHOIS info, which is against ICANN policy. It seems you're agreeing with the GP - WHOIS data gets abused, there's a good reason to hide it. - Domain protection varies with registrar. .ca, for example - it's turned on by default.
The PO box is valid and real. Heck, sometimes I even check it. You got me on the phone number though - perhaps a better alternative would be an internet-based phone account, still cheaper. And yes indeed, I do think that there's a good reason to hide it. My point is that a PO box is just as anonymous as domainsbyproxy et al. It still allows you to give legitimate contact information, not worry about phone calls, and is cheaper than many commercial services dedicated providing that service.
Re: (Score:2)
Sounds like we're in accordance except for a few things. Other fringe benefits of having anonymised info:
1- Easier to manage (data, versus physical drop box) :)
2- The mailbox method isn't so anonymous: Say you have 10 domains, all with your PO box in the whois info.
Say on one of your sites, you have your name / email. Suddenly, you've just revealed yourself as the person who owns all those domains.
With domainsbyproxy / etc - you're one of x million people using it - anonymous
Re: (Score:2)
Do you expect me to pay $60 a year extra to rent the smallest sized PO box just for a domain I'm using for email? And my friend who does the same thing should pay as well?
Re: (Score:2)
If you register your domain through Dreamhost then you don't need to pay for privacy.
Re: (Score:2)
If you do that you run the risk of getting reported to ICANN [internic.net].
Re: (Score:2)
Whenever I do, cold-callers bug me at 11pm for security systems, credit cards, and worse; if I leave for more than 5 days my mailbox gets so full of junk mail they stop delivering until I go downtown for it.
Are you certain that's from domain registration? Nothing of the sort has ever happened to me, and I have not hidden my domain info.
I got one or two "renewal notices" from DROA over the course of a decade, not much else.
You can be certain by selective falsification and then watch the incoming physical spam. Slightly inaccurate spelling, etc.
Re: (Score:2)
Yea, same here. I've had my main domain for 10 years now. I use a whois specific e-mail and occasionally get an e-mail from someone in China trying to convince me to get an equivalent Chinese domain for one of the 13 or so I run. I get more e-mail from some film guy trying to get one of my domains than the folks in China though. Every few months it's, "you're not using the domain, can I have it?" "Look dude, just because you don't see anything on port 80 doesn't mean I'm not using it." Heck now I can't eve
Re: (Score:2)
I really don't know how this happens, to be honest. I've had domains (I own about two dozen) registered with my personal contact info, completely legitimate and valid, since....
Created On:16-Jul-1996 04:00:00 UTC
and I have yet to get a single cold-call on my personal phone number (listed in the WHOIS database).
I'm not going so far as to say "you haven't", but my personal experiences owning my domain for 14 years do not match up with your fear.
Easy work-around (Score:2)
This will only get misused (Score:3, Insightful)
While that is certainly a use for anonymous registration, there are a lot of us who register anonymously to avoid having our names and addresses unnecessarily exposed to spam and risk of identity theft.
Re: (Score:1)
The problem here ist the underlying assumption that using anonymous registration makes you a spammer.
Using bittorrent makes you a pirate too.
And being muslim makes you a terrorist
and being old makes you wnat to have a nice (unfootprinted) lawn... etc.
Re: (Score:1)
Re: (Score:2)
It doesn't make you a spammer. Just less trustworthy. Who people want to receive emails from is up to them. And if they decide they don't want emails from people who have registered their domain anonymously then so be it.
I agree, except for the part where a single policy maker can prevent millions of people from receiving those emails. It's not like individuals always have a choice in this.
Jeebus (Score:1, Interesting)
This is just more kdawson FUD.
I thought he was relegated to the night shift. Guess not.
Everyone in Canada will end up on this list (Score:5, Informative)
CIRA (the ".ca" registry) has a feature called "whois privacy" which hides the information of individuals who register domains by default. Only businesses get their information published in the whois database (by default - individuals and businesses can turn this on or off, although businesses need to provide CIRA with a good reason why they want their whois info hidden).
Re: (Score:2)
It is the same for Nominet, the .uk registry. I believe EU law requires them to do that.
Re: (Score:2)
The Norwegian TLD has no privacy option - if you want to use the .no domain, you need valid contact details. There is no option for individuals, as you have to register a company to be allowed to buy .no domains anyway. That's why I recommend .com/.net/.org addresses for everyone (or some other TLD which isn't too suspicious-looking ;), since domain privacy is now part of the price anyway.
Re: (Score:2)
Doesn't that hurt the private registration companies?
Contact! (Score:2, Interesting)
Reasonable idea (Score:1, Flamebait)
That's a good idea. We do something like that at SiteTruth [sitetruth.com], where we down-rate commercial sites that don't have a real-world contact address on the site. We're looking at user-visible pages, though, not WHOIS. WHOIS data quality is too low.
I'm all in favor of this sort of thing. But don't drop the messages silently; reject them during the SMTP session if you can, or send a mail bounce if you can't. There's much to be said for having a hard-ass attitude about this, but you have to handle the false posi
Re: (Score:1)
Re: (Score:1)
Also, quit whining that putting your real name on your WHOIS registration will get you annoying phone calls, threats, or whatever. I've had my real name and contact info on all my web sites and WHOIS information for a decade, and that's just not happening.
Ah, so your logical conclusion is "Since it's never happened to me, it doesn't happen. Period". Brilliant, Sherlock.
Anonymous registration is necessary (Score:2, Interesting)
Re: (Score:1)
Name, address, etc. are not exactly private information to begin with. The only thing they want ("need") hidden is their association with a domain. One court order and it's not hidden anymore. One hack, and none of them are hidden. In most respects, if they don't want to be associated with what they're doing, they probably shouldn't be doing it. (or should find some other venue.)
And for the record, I don't know of any registrar who looks very closely at the registrant data. (even when it's pointed out t
Re: (Score:1)
The "if they need anonymity, they're doing something bad" argument is a poor fallacy that's been exposed multiple times. It's the online version of "Well, if you're not doing anything wrong, why do you need privacy?" Why should someone who wants to write a blog about shady dealings at their work be forced to put themselves at risk? Or even
Re: (Score:1)
If they own any property (namely their house), then they most certainly do have their name publicly associated with their address.
I would say there's no "intrinsic need" to hide one's identity either. As I said, if you don't want to be associated with what you're doing, you probably shouldn't be doing it. No one is "forced" to bad-mouth their employer. Whistle blowers have ways of doing so without putting their own lips on the whistle.
I would certainly hope you guys have a good team of lawyers on staff.
Not a problem (Score:2)
rfc-ignorant.org already does this (Score:3, Informative)
This sounds a lot like the whois DNSBL service by rfc-ignorant.org, which has been around for much longer. Why do we need another one?