Author Topic: SPAM Originates From WHOIS Registration Info  (Read 9703 times)

Offline Mayo

« on: February 20, 2003, 04:43:00 PM »
In the past year the amount of spam I have been receiving at one particular e-mail address has increased dramatically.

I believe that I have traced the origin of the spam to the public WHOIS domain name registration directory where my e-mail address was listed in my contact information.

I went so far as to trash the e-mail address yesterday, only to begin receiving similar spam on another address used for domain registration purposes. I wish that I had known about this problem before I had registered the domains!

Assuming that I must provide a valid e-mail address when registering, I am considering using the services of this company: http://www.alternativeidentity.com/. The service was recommended by directNIC.

Any comments about the information on WHOIS?  Has anyone had experience with AlternativeIdentity.com?  I figure that there must be more experienced webmasters on TS who have struggled with this problem...

Offline tacit

« Reply #1 on: February 21, 2003, 01:46:00 PM »
I maintain about two dozen Web sites, and my email address is in the whois information for all of them. I report all the spam I get to SpamCop and take other actions against spammers, so even though I'm flooded with spam, I generally manage to get the spammers shut down.

Many people are beginning to "corrupt" the email address that appears in the whois directory, by, for example, listing their email address as "fred@whateverdomain.com#0" or "fred@whateverdomain.com.nospam.invalid". Adding this junk to the end of the email address confuses spam harvesters.
A whole lot about me: www.xeromag.com/franklin.html

Offline Mayo

« Reply #2 on: February 21, 2003, 07:37:00 PM »
I also report spam via Spamcop, but the spam is never-ending and I wonder how much good the spam reports are doing. It seems like more and more spam is coming from ISPs that are overseas, and in some cases I report spam from the same sender/ISP multiple times without success.

I think that it is important that people know ahead of time that posting an e-mail address at WHOIS is basically an invitation to spammers. If I had known what I know now, I would have either not provided an e-mail address or I would have monkeyed with the address like you mentioned.

Offline Diana

« Reply #3 on: February 21, 2003, 08:49:00 PM »
Hi Mayo,

The registrar you went through to register your domains should allow you to modify your information. You could go in (a control panel they've provided maybe?) and make the changes to your email that Tacit has suggested. It won't help those creeps who've already harvested it, but it may stop it from getting out even more.

see ya,
Diana
Sysadmin Rule #14: If it's not on fire, it's a software issue.

Registered Linux user 290473
http://counter.li.org/
http://www.crestcomm.com/diana/gnupg.txt for GnuPG public key  

Offline Mayo

« Reply #4 on: February 22, 2003, 12:19:00 AM »
Diana, I think I will do just that.  It is quite simple to access my account at directNIC.

Offline Mayo

« Reply #5 on: February 22, 2003, 12:36:00 AM »
Hmmmm...I just tried to alter the info at directNIC and it would not accept an "invalid" e-mail address.

Offline kelly

« Reply #6 on: February 22, 2003, 10:24:00 AM »
May not help in this case. But I've heard of people using at instead of @.  

People can figure it out but the spambots don't.
kelly
Veteran SuperUser

Offline Diana

« Reply #7 on: February 22, 2003, 11:20:00 PM »
Hi again Mayo,

You should be able to do something like this:

yourid.nospam@valid.dom.com, nospam-yourid@ or something similar

They probably have a script that checks to see if the domain itself is valid, so instead of changing that part, just add the obfuscation to what's in front of the @ sign.
Diana
Sysadmin Rule #14: If it's not on fire, it's a software issue.

Registered Linux user 290473
http://counter.li.org/
http://www.crestcomm.com/diana/gnupg.txt for GnuPG public key  

Offline kps

« Reply #8 on: February 22, 2003, 12:20:00 PM »
Strangely enough (knock on wood) I have never received a single piece of spam addressed to my WHOIS contact email.

I don't know why that is and no, I'm not complaining, but I think there may be more to it than simple harvesting of ALL contact addresses.

Diana, I'm wondering if modifying the user ID is adequate. Many hosting services include a catch-all mailbox for any misspelled user IDs, so I think that even these modified addresses would arrive in the domain's mailserver.

Offline Diana

« Reply #9 on: February 22, 2003, 12:42:00 PM »
Hi kps,

You're right...in fact that is a setting that can be enabled on my server. I try to teach people about the dangers of using that catch-all and since I allow an unlimited number of aliases, they can create aliases for probable misspellings. But, even with a catch-all set, you can then create a filter in your email program that will trash anything sent to the obscured email you used at the registrar...unless the message was from the registrar itself.

Oh, the work we'll go to to fight the spammers when we shouldn't have to at all. I hope everyone realizes that buying even one thing from a spammer just encourages them all to keep trying. If a spammer sends me something that I might actually want...I'll do hours of research if necessary to find that product through a search engine just so I don't buy it from a known spammer.

*grin...funny story here. I had a phone call. A guy/man/kid asked for me but mispronounced my name..(sure sign of a telemarketer). Then asked if I was aware of a program for keeping a computer safe and problem free. Before I could say anything, he mentioned Norton System works. I immediately butted in and asked him.."are you the people who are constantly spamming me?" A couple of stutters and "uhs" were all I got before the telemarketer abruptly hung up...and me in a mood to "play" with him.
Diana
Sysadmin Rule #14: If it's not on fire, it's a software issue.

Registered Linux user 290473
http://counter.li.org/
http://www.crestcomm.com/diana/gnupg.txt for GnuPG public key  
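The filter described in the post above (trash anything addressed to the WHOIS-only address unless it comes from the registrar), sketched here as an added example that is not part of the original thread. The alias, the registrar domain and the sample messages are constructed placeholders.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Assumed values for illustration only; neither appears in the thread.
WHOIS_ALIAS = "whois-contact@example.org"
REGISTRAR_DOMAINS = {"registrar.example"}
# A catch-all mailbox may only reveal the real recipient in delivery headers.
RECIPIENT_HEADERS = ("To", "Cc", "Delivered-To", "X-Original-To")


def _recipients(msg):
    """Every recipient address found in the headers above, lower-cased."""
    values = []
    for name in RECIPIENT_HEADERS:
        values.extend(msg.get_all(name, []))
    return {addr.lower() for _, addr in getaddresses(values) if addr}


def _sender_domain(msg):
    """Domain of the From address, or '' when it is missing or malformed."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def classify(raw_message):
    """Return 'keep' or 'trash' for one raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    if WHOIS_ALIAS not in _recipients(msg):
        return "keep"  # not addressed to the WHOIS-only alias
    domain = _sender_domain(msg)
    # Exact domain or a true subdomain only, so "notregistrar.example" fails.
    # From is spoofable: this is a convenience filter, not authentication.
    for allowed in REGISTRAR_DOMAINS:
        if domain == allowed or domain.endswith("." + allowed):
            return "keep"
    return "trash"


# Constructed sample messages.
SAMPLES = {
    "renewal": "From: Billing <billing@mail.registrar.example>\n"
               "To: whois-contact@example.org\nSubject: Renewal\n\nbody\n",
    "harvested": "From: deals@bulk.example\n"
                 "To: WHOIS-Contact@Example.org\nSubject: Offer\n\nbody\n",
    "lookalike": "From: x@notregistrar.example\n"
                 "Delivered-To: whois-contact@example.org\n\nbody\n",
    "personal": "From: friend@other.example\nTo: me@example.org\n\nhello\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, "->", classify(raw))
```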

Offline kps

« Reply #10 on: February 22, 2003, 01:09:00 PM »
quote:

oh, the work we'll go to to fight the spammers when we shouldn't have to at all.

That's so true.

That's a good tip about setting up a filter for the modified WHOIS contact address if catch-all is enabled.

Offline Mayo

« Reply #11 on: February 22, 2003, 01:44:00 PM »
Changing the information in front of the "@" was also rejected.  I'm corresponding with directNIC about this issue and I will report back if I hear anything substantive from them.

I think that I will use the AlternativeIdentity service just because having all my contact info publicly available doesn't exactly make me happy.  directNIC informed me today that AI is affiliated with them; both outfits have the same owners.

Speaking of stories...Some years back when I was subscribed to a Eudora mailing list we were spammed by an outfit offering one of those CDs with millions of e-mail addresses.  Naturally, there was some discussion about the spam on the list.  

Then along came an e-mail from a list member to the spammer showing interest in the CD.  Apparently the list member had mistakenly replied to the list instead of to the spammer.  It just goes to show that even people who should know better respond to spam, which is why it exists.
 
 [ 02-22-2003, 02:49 PM: Message edited by: Mayo ]

Offline LR827

« Reply #12 on: February 22, 2003, 04:15:00 PM »
I have a really tough time with spam, because of the nature of my website.  I invite readers to send me e-mail with questions they may have for a psychiatrist.  Do I have to tell you, some of the legitimate e-mail I get sounds like spam.  For example, Subject: "Sex problem" vs. "Sex Problem?"

The latter is probably another pitch for Viagra.

It's hard tellin' not knowin' (who said that?) So I just open everything.  With a little bit of luck, as Diana points out, my computer has not yet caught fire.

Offline Diana

« Reply #13 on: February 22, 2003, 05:56:00 PM »
Hi Lorraine..  

I went to your web site out of curiosity and noted that your e-mail address is not clickable. I'm assuming you have it that way on purpose, but it won't stop the spam harvesters.

Read this link for some ideas for obscuring your e-mail address on a web site:
 Anti-Spam Measures

I don't think you can use those methods to protect your book order address, but the questions one can be well guarded from the spammers.

HTH,
Diana
Sysadmin Rule #14: If it's not on fire, it's a software issue.

Registered Linux user 290473
http://counter.li.org/
http://www.crestcomm.com/diana/gnupg.txt for GnuPG public key  

Offline LR827

« Reply #14 on: February 23, 2003, 03:36:00 PM »
Thanks, Diana -- I went to the Anti-Spam link, but it is a little too confusing for me.  I am not familiar with javascript, and such as that -- I was not sure which I should choose from his menu of options.  I didn't want to paste something into my website incorrectly that would screw things up.

You were right, I added the "no charge for e-mail" at the end of the e-mail address in order to thwart spammers.  It seemed to help -- I have not gotten nearly as much spam as I used to.  At least it seems that way, I haven't actually recorded any numbers.

I'll take away the "no charge" comment, because I thought it was stupid anyway.  How could anyone charge for a question someone asked over e-mail?  I'll see if I get more spam when I take it away.

If you know of one of TW's scripts that I should choose, please advise!!  Thanks again,

Lorraine