On Wed, May 29, 2002 at 04:16:22PM -0400, Ross Wm. Rader wrote:
>
> I think a more interesting question is what is the value of having
> predictable output?
>
> The reason I ask is that one of the anti-harvesting strategy that we've
> contemplated is a randonly generated output (ie - sometimes with comma's,
> sometimes not, sometimes admin up top, sometimes down below)...etc...
>
> If predictability is highly valued, then I'd like to hear more...
Truth be told, I don't think simple format changes will do much to
thwart harvestors. Since the "Registration Service Provider" part got
added to the whois output, we're receiving almost as much spam (and
hosting offers etc) to the address listed there as to addresses listed
on the admin contact. It looks to me as if the harvesters simply grab
anything that's /[a-z0-9]+@([a-z0-9-]\.)+\.[a-z]+/ and don't even
bother looking at what the address is "supposed" to be for.
Spammers tote shotguns, not sniper rifles.
Predictable output certainly helps with some of the tools we use. My
expiry robot (email [EMAIL PROTECTED] with a list of domains) looks for
things with something like:
whois example.com | awk '
BEGIN
{ a=0 }
$0~/[Aa]dmin/
{ a=1 }
a==1&&$0~"@"
{ print; nextfile; }'
etc.
I would *certainly* appreciate notice of format changes. Most of the
changes that have happened can be dealt with by forgiving enough
analysis tools (which are of course more prone to error the more
forgiving they are).
If OpenSRS doesn't consider whois service to be a vital part of what
it provides to us resellers, what about setting up a referral system
whereby whois.opensrs.net will make a query to the resellers' own
whois server and dump the results of that query back to the requestor?
I'd much rather run my own whois server than have OpenSRS spitting
things out in unpredictable formats.
--
Paul Chvostek <[EMAIL PROTECTED]>
Operations / Development / Abuse / Whatever vox: +1 416 598-0000
it.canada http://www.it.ca/
