North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Internic hosage (fwd)

  • From: Dean Robb
  • Date: Sat Mar 21 21:43:41 1998

At 14:18 3/21/98 -0800, Randy Bush wrote:
>I think that this is a really important issue.  Thanks for bringing it
>> Who should have access to whois contact information and its misuse.
>I put my data in there for use by folk with net ops problems.  My
>understanding is this is the purpose for which whois data have always
>been given.

Correct.  The stated purpose of WhoIs (in all it's guises) is to provide
contact information for a domain.  This information is supposed to be
publicly available to provide a way for a user or other sysadmin to contact
the domain owner/technical people.  Thus, if you have a misconfigured mail
server that's bouncing all "postmaster" mail, I can email your tech or zone
contact to let them know, or place a phone call, or whatever.  That's why
several RFCs require correct contact data to be in WhoIs.  

The misuse aspect has come about because spammers (primarily) have bots
that will harvest all the addresses in WhoIs and send them their drivel.  

Many people, because of this abuse, want to NOT have their email address
listed in WhoIs...but that defeats the good purpose of the database.
Probably the best way to handle this right now is to use a role account in
the registration and put spam filters on that account.  It's important to
read mail to that account, though, because in the trash could easily be
something important.  

So far, MOST (but not all) of those (that I've seen) arguing vehemently for
complete anonymity in WhoIs and/or having no valid contact data are those
persons trying to hide their identity because they are engaging in Net
abuse of one form or another.  There are a few, though, that are just
privacy fanatics with no special agenda.

Spam:  it's not just for breakfast anymore....

Dean Robb
On-site computer services
(757) 495-EASY [3279]