ICANN/DNSO
DNSO Mailling lists archives

[council]


<<< Chronological Index >>>    <<< Thread Index >>>

[council] Re: [nc-whois] WHOIS and SPAM - survey show no connection


philip....
 
i would have to strongly dispute this finding.. i have a series of specific email addresses i have used ONLY for domain name registrations and i get spammed regularly to these addresses..
 
i know many registrants who have similiar experiences as well..
 
personally, i have no problems with "stratified access" to whois data by parties with legitimate purposes but something has to be done to restrict the data mining being done (especially thru port 43 access) by parties whose primary purpose is "spam related"
 
ken stubbs
p.s. i have had numerous discussions with ip lawyers who act on behalf of their clients in registering domains and who regularly get spam messages which clearly
originate with data taken from whois records
 
----- Original Message -----
Sent: Wednesday, January 15, 2003 4:43 AM
Subject: [nc-whois] WHOIS and SPAM - survey show no connection

Steve, interesting to read the Security and Stability Advisory Committee recommendation on Whois. In relation to privacy you state: "it is widely believed that Whois data is a source of e-mail addresses for the distribution of spam".  This may be a wide belief but empirical evidence from the US Federal Trade Commission tells us otherwise. See the last sentence of the note below in particular.
Philip
------------------
To find out which fields spammers consider most fertile for harvesting, investigators "seeded" 175 different locations on the Internet with 250 new, undercover email addresses. The locations included web pages, newsgroups, chat rooms, message boards, and online directories for web pages, instant message users, domain names, resumes, and dating services. During the six weeks after the postings, the accounts received 3,349 spam emails. The investigators found that:
  • 86 percent of the addresses posted to web pages received spam. It didn't matter where the addresses were posted on the page: if the address had the "@" sign in it, it drew spam.
     
  • 86 percent of the addresses posted to newsgroups received spam.
     
  • Chat rooms are virtual magnets for harvesting software. One address posted in a chat room received spam nine minutes after it first was used.

Addresses posted in other areas on the Internet received less spam, the investigators found. Half the addresses posted on free personal web page services received spam, as did 27 percent of addresses posted to message boards and nine percent of addresses listed in email service directories. Addresses posted in instant message service user profiles, "Whois" domain name registries, online resume services, and online dating services did not receive any spam during the six weeks of the investigation.

 


<<< Chronological Index >>>    <<< Thread Index >>>