Slashdot Mirror

← Back to Stories (view on slashdot.org)

Detecting Anonymously Registered Domains

Posted by kdawson on from the may-i-tell-them-who-is-calling dept.

Spamresource.com has up a piece describing a new service that could be useful in evaluating the reputation of sites you deal with — anonwhois.org returns information on domains registered anonymously. It provides a DNSBL-style service that "is not a blacklist and wasn't meant to be used for outright rejection of mail." Only 619,000 domains are listed so far, but more are added as they are queried, so the database will grow more complete. Anonwhois.org seems to be a sister site to Spam Eating Monkey.

18 of 97 comments (clear)

  1. Continued misuse of blacklists by suso · · Score: 5, Insightful

    It provides a DNSBL-style service that "is not a blacklist and wasn't meant to be used for outright rejection of mail.

    Which of course means that in a year or two us mail administrators will start encountering mail servers that have been setup to reject mail based soley on them being on this blacklist.

    1. Re:Continued misuse of blacklists by eldavojohn · · Score: 4, Informative

      It provides a DNSBL-style service that "is not a blacklist and wasn't meant to be used for outright rejection of mail.

      Which of course means that in a year or two us mail administrators will start encountering mail servers that have been setup to reject mail based soley on them being on this blacklist.

      Yeah, I urge everyone to exercise caution here ... I looked at the stats and was a little concerned about 123k domains (20%) being domains by proxy. I host a site as a hobby and enjoy tinkering with forums and the like on it. I also don't like the idea of someone looking up my home address via whois and showing up at my front door to complain about something someone said on one of these forums. As a result, I opt for my ISP to be my proxy on the registration of the domain. Now, I know you think that means I have something to hide but I just really don't want my address and name out there because all I would have to put there is my house address.

      Granted, my domain's not no the list and I'm not using it as a mail server (yet), I sympathize with hobbyists, non-profitable sites and people who value privacy. Keep that in mind if you're going to utilize this site as an auto-reject authority.

      --
      My work here is dung.
    2. Re:Continued misuse of blacklists by sopssa · · Score: 4, Interesting

      Anecdotes are not data (and a mailbox works as a contact address).

      Maybe in the US. What do you suggest those in the other countries, which have dropped the usage of mailbox addresses, do? No, I'm not putting my home address on the internet, and no, I'm not registering a costly company (with all the tax filing and other things) just so I can register a domain for a hobby site.

      Everyone should also be able to be tell their opinion anonymously (interestingly you also posted as anonymous coward).

      I'm waiting for your insightful answer.

    3. Re:Continued misuse of blacklists by eldavojohn · · Score: 2, Interesting

      Operating a server with internet services is contrary to popular belief not for amateurs and basement dwelling guys of the "Hmmm. Lemme se how this works. Ooops!" persuasion. The internet is a global collaboration based on informal (and some not so informal) rules. It's not a testing ground for stuff you found on Google or software you downloaded from Sourceforge.

      Wow! The internet is some serious shit! I thought I would just log on and, like, clear up the tubes and make a really wicked site, brah! So tell me, how do I get to be as fucking awesome as you if I can't tinker with hosting a real server with real internet services on the real internet?

      Do you imagine that I am paying $70 a year to a web hosting company so that I can open all the ports on their servers, drop my pants, bend over and wait for the first botnet to have their way with me?

      Contrary to your elitist belief system, web hosting companies exist that offer you servers and restrict your abilities to protect you and others from the horrors of the internet.

      Now get off my lawn before I call the Internet Police.

      The Internet Police!? Well, now I'm fucked. And all this time I thought it was the ma-and-pa Windows 9x machines out there that were part of the big bad botnets. Thank you for opening up my eyes, I realize now that I caused all internet cancer.

      --
      My work here is dung.
    4. Re:Continued misuse of blacklists by Runaway1956 · · Score: 2, Insightful

      "It's not a testing ground for stuff you found on Google or software you downloaded from Sourceforge."

      Now, that's an interesting take. I mean, the internet was BUILT by people doing that sort of thing, wasn't it? Geeks and nerds finding ways to do cool stuff. You're suggesting that the days of innovation are over, and everyone needs to toe the line, or the internet police will come calling?

      Granted, I understand what you're trying to say - there is a lot of serious business conducted on the internet, and hobbyists shouldn't be getting in the way of all of that. All the same - I believe you need to make some allowances for hobbyists. Those open source nerds may very well hand you the gift of a lifetime next month, or next year, making your admin job easier by orders of magnitude.

      Just keep an open mind, is all I'm saying. ;^)

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
  2. Stupid by tgd · · Score: 4, Insightful

    In 2010, who *doesn't* use a "hiding" service for a domain? For fifteen years now you'd basically have to throw away any e-mail address on a domain, and get inundated with physical spam on any mailing address used.

    Black listing domains because the owner doesn't want to deal with jackass spammers and bulk mailers is just stupid.

    1. Re:Stupid by Anonymous Coward · · Score: 2, Funny

      In 2010, who *doesn't* use a "hiding" service for a domain?

      Many legitimate companies like to clearly indicate who they are. For example, IBM.com is listed as:

      Registrant:
      International Business Machines Corporation
            New Orchard Road
            Armonk, NY 10504
            US

            Administrative Contact:
                  IBM DNS Admin dnsadm@us.ibm.com
                  IBM Corporation
                  New Orchard Road
                  Armonk, NY 10504
                  US
                  +1.9147654227 fax: +1.9147654370

      Now, since it's so easy to throw up a website, those of us who are less well known than IBM like to project an air of respectability, including who we are, where we are, and how to contact us.

      (and there is some very good anti-spam software out there)

    2. Re:Stupid by Sir_Dill · · Score: 2, Insightful
      I second this

      This has to be the brainchild of a spammer or someone who hasn't been a domain owner for very long (if at all).

      The parent has a VERY good point about scammers and spammers scraping whois for personal information to use for whatever nefarious purpose.

      Consider also that for the many people who register their own domains, the address listed is their personal physical address.

      Anyone who ISN'T using an anonymizer is opening the floodgates for scamming and spamming.

    3. Re:Stupid by Anonymous Coward · · Score: 3, Interesting

      Says the Anonymous Coward.

    4. Re:Stupid by Necroman · · Score: 2, Informative

      I use a PO Box for my domains and don't put my real name on anything I register. It at least keeps away most crap. For email, I always just list a GMail address now and they do a pretty good job filtering out any spam I may get through it.

      --
      Its not what it is, its something else.
  3. What's the point? by DJ+Jones · · Score: 3, Insightful

    This is the dumbest thing since lawn darts. I can tell you who is listed anonymously just by looking at the standard whois database. There's only a handful of privacy companies that represent the majority of anonymous domains. If you could find their contact information then that would be useful.

    Congrats, you are the proud owners of a text parsing machine.

  4. Dumb idea. by loxosceles · · Score: 2, Insightful

    I can't think of a good use for this flavor of dnsbl... too little correlation with anything that matters. A lot of privacy-conscious domain owners use private registration, and it has nothing to do with using the domain for spam or other nefarious purposes.

  5. This will only get misused by thePowerOfGrayskull · · Score: 2, Insightful
    The next step is someone taking this too far and thinking "Great, I can incorporate this into my blacklists!" The problem here ist the underlying assumption that using anonymous registration makes you a spammer.

    While that is certainly a use for anonymous registration, there are a lot of us who register anonymously to avoid having our names and addresses unnecessarily exposed to spam and risk of identity theft.

  6. Re:Fake whois info by thePowerOfGrayskull · · Score: 3, Informative
    In order to avoid the overpriced fees for that, I just got a PO box and use an invalid phone number.

    10 domains at $9/yr each for privacy gives $90/year extra. A PO box costs $45 or so a year. For any more than 5 domains, it's cheaper to go the PO Box route.

  7. Everyone in Canada will end up on this list by Digital_Quartz · · Score: 5, Informative

    CIRA (the ".ca" registry) has a feature called "whois privacy" which hides the information of individuals who register domains by default. Only businesses get their information published in the whois database (by default - individuals and businesses can turn this on or off, although businesses need to provide CIRA with a good reason why they want their whois info hidden).

  8. Contact! by caturday · · Score: 2, Interesting

    Everyone who has brought up or agreed with any of the points raised here (private information protection, spammers lying, disclaimers not working, etc), please use the contact form on the anonwhois site to send them a message informing them that they're doing us all a disservice. Doubtful that we'll get anywhere, but you never know... Note: in the case that this is a front for spammers trying to farm information, you'll probably not want to associate your domain with this site in any way.

  9. Anonymous registration is necessary by StealthyRoid · · Score: 2, Interesting
    I'm the owner of an anonymous hosting company, InvisiHosting.com, and I'd like to comment briefly on the distaste for anonymous domain registration.
    1. ICANN regulations require the listing of accurate data in a WHOIS record, with a threat of revocation if inaccurate data is not corrected. That means that anyone who has a domain name, who doesn't have a company to register it under, has to have their real name, address, email and phone number listed in the WHOIS record. While most registrars are pretty lax in enforcing this, it still leaves normal, good people faced with having to put information that they wouldn't necessarily want public. Anonymous registration makes this unnecessary.
    2. Many people have very very good reasons for not wanting to be associated with a website. Whistleblowers, pranksters, bloggers, etc, all could face serious legal or social repercussions if they data they make public is attached back to them. Many of my non-American customers would be arrested or sued for exercising nothing more than the freedom of speech that the rest of us are accustomed to.
    3. If this idea really takes hold, and ANONWHOIS lists are actually used to spam score email, real spammers will just find a registrar that doesn't enforce ICANN policy too strictly (Joker, GoDaddy, etc...), throw up fake data, and the list would be left penalizing honest people who simply don't want their name attached to their domain.
  10. rfc-ignorant.org already does this by griffinn · · Score: 2, Informative

    This sounds a lot like the whois DNSBL service by rfc-ignorant.org, which has been around for much longer. Why do we need another one?