North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

'Whois protection service'

  • From: Mark Foster
  • Date: Wed Jan 26 22:27:28 2005

Hi folks.
Don't post a lot here but i'm figuring you folks will know more about this
than my local NOG...

When investigating a host that spammed me today, I noted that when I
whois'd the domain that the mailserver involved has forward/reverse dns
pair for, the domain whois information comes up as follows:

Found crsnic referral to whois.enom.com.


Registration Service Provided By: Registerfly.com
Contact: [email protected]
Visit: http://www.RegisterFly.com

Domain name: xmux.com

Registrant Contact:
   RegisterFly.com - Ref# 14155933
   Whois Protection Service - ProtectFly.com ([email protected])


I'm unsure how appropriate it is to post anything more specific in the
open forum, but i've never seen this before. Whats the deal with hiding a
domain name owners true identity?
Is this not simply yet another protect-the-spammers mechanism?

I followed up the chain - the authoritive DNS servers for the domain in
question are hosts within a different domain, and this also has the same
protection engaged....

Is this old hat or something new? Is this still conformant to standard
.com/net registrant rules and regs? (here in .nz, the registry information
is required to be current and valid, and i've never seen a Registrar pass
itself off as the owner of a domain before (at least in any legitimate
situation))

Thanks in advance,
Mark.