As far as I’m concerned, there is nothing worse than those who crawl through domain whois records for the purpose of emailing me. I get a lot of it. Funny thing is, it’s strictly forbidden in ICANN’s (the sole registrar accreditation body) rules. ICANN’s Registrar Accreditation Agreement section 184.108.40.206 states:
“Registrar’s access agreement shall require the third party to agree not to use the data to allow, enable, or otherwise support any marketing activities, regardless of the medium used. Such media include but are not limited to e-mail, telephone, facsimile, postal mail, SMS, and wireless alerts.”
In fact this has been on the books since 2003. Yet on a daily basis I receive whois-crawled spam. Now yes, you can definitely whois any domain and readily spam the owner. But these people are not just spamming one or two domains, they’re spamming thousands, if not tens of thousands at a time. (As with all spam, you’ve got to fish a lot to catch anything). Access to this requires what ICANN calls ‘bulk whois’, which pretty much any registrar with an API will provide you. However it is up to them to prevent people from using this as a means to spam people. While I realize it is not trivial to track the spam back to the registrar allowing the mass harvest, it’s not like there is an infinite number of registrars. Tracking down the people providing this information to spammers would not be impossible. Considering ICANN is pretty much useless for everything else (it took them how long to stop turning a blind eye to domain tasting? oh right, 10 years), they could at least enforce this policy, track down offending registrars and remove their accreditation. (I kid, ICANN will never do this, their rules are pretty much toothless, and this article is really just to ridicule spammers who take themselves seriously)
Now, whois-crawled spam is a bit different than your usual spam. No viagra, OEM software or luxury watches. No, whois spammers usual take themselves a lot more seriously, which makes it all the funnier because they’re just as pathetic as the guy selling Chinese V1ag4ra. Let’s look at a few of the types of assholes who take part in this practice. (and some of my favourite examples)
The idea behind this type of domain spammer is pretty simple. You own a domain name, everyone who owns a domain name has some sort of hosting for it, everyone likes cheaper hosting. Amusingly sales@ and abuse@ evul.net get *tons* of it, which is usually very poorly targeted (and ironic when it goes to abuse@). However, the spam pictured above was actually well targeted, because its offering local large scale hosting, the kind that evul.net might want. However there in lies the problem, why as a web site owner (or a web host like evul.net) would you ever want hosting from a *spammer*. It immediately calls into question the ethics, let alone the quality of such a provider. They all end up getting spamcop’d and in the case of this one, I wrote to the idiots to personally express my disgust, they are locally known and slimy. Hopefully enough spamcop reports will get these wannabe providers upstreams to slap them, as they’re almost always sent from North America.
This one gets me. It’s pretty brainless. We get a ton of these at work for any blog that we have our email address on the whois for. The idea is that if you ask nicely enough for a link (they *always* come from female, likely fake, names) someone will give you that link, and your google pagerank will be increased! In reality you are a spammer. It must work enough of the time that it makes it worth while for these people to do it. I try and spamcop these guys, but it’s like pissing in the ocean: the email sources and spamvertised sites are almost always in South America, Asia or eastern Europe. (This particular one came from some ISP in Argentina) I have a feeling they are usually fronts for something else, (get a pseudo legit page pageranked up, use it to then push other pages up) as no legit page bulk emails out begging for links.
I save the best for last. These are the most ironic and we get them from time to time at work. People spam our own sites essentially offering their own advertising services. It’s even better (ironic), like in the above example, when they are spamming an obvious campaign site, showing there is likely no human intervention in the spam. They’re just looking for well pageranked sites and spamming the owners. This again begs the question, who actually receives one of these and takes them up on their most reputable (lol) offers. Sadly some people must to make it worth while. Since these are all pseudo legit (wannabe) marketing companies, they’re almost always in the US, so spamcop for great justice.
We received a good one from a company selling a Twitter trending solution recently, again well targeted against an actual twitter-based campaign site, but it begs the question of how new are these people to the internet. How is it, that in 2010 there are people out there who still believe their business has any legitimacy as soon as they send out unsolicited-bulk email to the same people who have been fighting such email for nearly *20 years*. In short, stop buying services/products you see in spam, have sweet dreams of useless ICANN actually enforcing the bulk-whois-marketing rule instead of ignoring registrars who allow it willy-nilly, and spamcop everything for great justice.
And to “Data Centers Canada Inc.”, “Comodus” and “Linkstar”, congrats you are spammers, any hopes you had of every being taken seriously as legit businesses went down the drain when you sent out unsolicited bulk email to domain owners, no matter how well targeted it was.