At 5/29/02 11:27 PM, Paul Chvostek wrote: >I don't need OpenSRS to >halfheartedly break a protocol I'm using in a fruitless attempt to >inconvenience spammers.
Yes. Intentionally messing with the format is pointless. Spammers will trivially bypass it with a few minutes' work, and it will merely be an inconvenience to those poor souls who do use it for legitimate purposes, such as other registrars who parse it for transfer confirmation addresses. If OpenSRS wants to do something clever to prevent WHOIS spam, here's a suggestion that works but doesn't interfere with parsers: offer the option for WHOIS to generate temporary forwarding addresses on the fly. For example, an end-user's real address may be "[EMAIL PROTECTED]". But when the WHOIS for example.com is queried, OpenSRS could give out the address as "[EMAIL PROTECTED]" (making up a random number). Then OpenSRS would forward mail for [EMAIL PROTECTED] to [EMAIL PROTECTED] for, say, two weeks. Mail sent to the random address after two weeks would be bounced with an explanatory error. This would mean that spammers couldn't compile and sell lists of names from the WHOIS, because they would be out of date 14 days later. (The problem is not that each spammer is compiling his own list from the WHOIS, but that one idiot does so and sells it to thousands of other spammers over the next few years.) This scheme would meet the requirement that the WHOIS contain a valid contact address for the domain, and would work much better than various challenge-response or whitelist systems I've seen in use (it requires no configuration or maintenance at all), and it doesn't interfere with automated systems like transfer confirmations. If I recall, some other registrar does something similar to this, although I can't remember which one it is. This is actually on my list of things to implement locally by updating the WHOIS forwarding address for each domain every so often, but it would be better done at the registrar level. -- Robert L Mathews, Tiger Technologies "The trouble with doing something right the first time is that nobody appreciates how difficult it was."
