As far as I’m concerned, there is nothing worse than those who crawl through domain whois records for the purpose of emailing me. I get a lot of it. Funny thing is, it’s strictly forbidden in ICANN’s (the sole registrar accreditation body) rules. ICANN’s Registrar Accreditation Agreement section 3.3.6.3 states:

“Registrar’s access agreement shall require the third party to agree not to use the data to allow, enable, or otherwise support any marketing activities, regardless of the medium used. Such media include but are not limited to e-mail, telephone, facsimile, postal mail, SMS, and wireless alerts.”

In fact this has been on the books since 2003. Yet on a daily basis I receive whois-crawled spam. Now yes, you can definitely whois any domain and readily spam the owner. But these people are not just spamming one or two domains, they’re spamming thousands, if not tens of thousands at a time. (As with all spam, you’ve got to fish a lot to catch anything). Access to this requires what ICANN calls ‘bulk whois’, which pretty much any registrar with an API will provide you. However it is up to them to prevent people from using this as a means to spam people. While I realize it is not trivial to track the spam back to the registrar allowing the mass harvest, it’s not like there is an infinite number of registrars. Tracking down the people providing this information to spammers would not be impossible. Considering ICANN is pretty much useless for everything else (it took them how long to stop turning a blind eye to domain tasting? oh right, 10 years), they could at least enforce this policy, track down offending registrars and remove their accreditation. (I kid, ICANN will never do this, their rules are pretty much toothless, and this article is really just to ridicule spammers who take themselves seriously)

Now, whois-crawled spam is a bit different than your usual spam. No viagra, OEM software or luxury watches. No, whois spammers usual take themselves a lot more seriously, which makes it all the funnier because they’re just as pathetic as the guy selling Chinese V1ag4ra. Let’s look at a few of  the types of assholes who take part in this practice. (and some of my favourite examples)

Web hosts offering quality web hosting at low low prices:

(Click to expand)

The idea behind this type of domain spammer is pretty simple. You own a domain name, everyone who owns a domain name has some sort of hosting for it, everyone likes cheaper hosting. Amusingly sales@ and abuse@ evul.net get *tons* of it, which is usually very poorly targeted (and ironic when it goes to abuse@). However, the spam pictured above was actually well targeted, because its offering local large scale hosting, the kind that evul.net might want. However there in lies the problem, why as a web site owner (or a web host like evul.net) would you ever want hosting from a *spammer*. It immediately calls into question the ethics, let alone the quality of such a provider. They all end up getting spamcop’d and in the case of this one, I wrote to the idiots to personally express my disgust, they are locally known and slimy. Hopefully enough spamcop reports will get these wannabe providers upstreams to slap them, as they’re almost always sent from North America.

SEO/marketing experts asking for links:

(Click to expand)

This one gets me. It’s pretty brainless. We get a ton of these at work for any blog that we have our email address on the whois for. The idea is that if you ask nicely enough for a link (they *always* come from female, likely fake, names) someone will give you that link, and your google pagerank will be increased! In reality you are a spammer. It must work enough of the time that it makes it worth while for these people to do it. I try and spamcop these guys, but it’s like pissing in the ocean: the email sources and spamvertised sites are almost always in South America, Asia or eastern Europe. (This particular one came from some ISP in Argentina) I have a feeling they are usually fronts for something else, (get a pseudo legit page pageranked up, use it to then push other pages up) as no legit page bulk emails out begging for links.

People selling ads/ad network services:

(Click to expand)

I save the best for last. These are the most ironic and we get them from time to time at work. People spam our own sites essentially offering their own advertising services. It’s even better (ironic), like in the above example, when they are spamming an obvious campaign site, showing there is likely no human intervention in the spam. They’re just looking for well pageranked sites and spamming the owners. This again begs the question, who actually receives one of these and takes them up on their most reputable (lol) offers. Sadly some people must to make it worth while. Since these are all pseudo legit (wannabe) marketing companies, they’re almost always in the US, so spamcop for great justice.

We received a good one from a company selling a Twitter trending solution recently, again well targeted against an actual twitter-based campaign site, but it begs the question of how new are these people to the internet. How is it, that in 2010 there are people out there who still believe their business has any legitimacy as soon as they send out unsolicited-bulk email to the same people who have been fighting such email for nearly *20 years*. In short, stop buying services/products you see in spam, have sweet dreams of useless ICANN actually enforcing the bulk-whois-marketing rule instead of ignoring registrars who allow it willy-nilly, and spamcop everything for great justice.

And to “Data Centers Canada Inc.”, “Comodus” and “Linkstar”, congrats you are spammers, any hopes you had of every being taken seriously as legit businesses went down the drain when you sent out unsolicited bulk email to domain owners, no matter how well targeted it was.

So first off I apologize for a lack of blogging. It always seems to fall to the side when life gets busy. My main priority right now is working on (and eventually) finishing going through Florida pictures, but everything seems to get in the way including taking more pics to add to the queue.

One thing I’ve wanted to do for awhile though is have a way to manage my interesting links. I read a lot of tech and science news in the morning and like to share said articles with family and friends. So I generally share them with Facebook, or Twitter (which in turn *usually* trickles back to Facebook unless their plugin is broken), but neither is really a trust worthy place to put any information you care about. I really like the way Justin does it, but also wanted to tie a quick push to Twitter (and thus Facebook) in.  So I figured I might as well write a little social bookmarking thing.

The entire hack took about 30 minutes, including the time to register a cheap (i.e. not taken) and very short (3.2) domain name (k4v.ca) for my built in URL shortener as using kavassalis.com?blah seemed a touch long. I have yet to display my links in the blog layout, but I will probably whip up a widget tomorrow morning to appear on the right side of all the pages with the last N links. Anyway the code is pretty ugly and basic but here it is:

The actual link forwarder: (l.php)

if (sizeof($_GET)!=1) { header("Location: http://kavassalis.com/"); }
$code = key($_GET);

$dbUser = "abc";
$dbPass = "xyz";
$dbName = "nick_blog";
$dbHost = "127.0.0.1";

if ($rows == 1) {
$link = mysql_result($result,0,"link");
header("Location: $link");
} else { header("Location: http://kavassalis.com/"); }


(The obvious flaw is that it doesn’t give an error to the user if the database is down, but I didn’t feel like doing that so…)

and here is the link creator: (bookmark.php)

function mkCookie()
{
$pool = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890';
for ($i = 0; $i < 3; $i++)
{ $result .= $pool{rand(0, 61)}; }
return $result;
}

if (!isset($_GET['link']) || !isset($_GET['blurb'])) {
*** FORM HTML WOULD APPEAR HERE, THANKS WORDPRESS ***
} else {

Amusingly the WordPress < code > block really seems to detest HTML, i.e. WordPress renders it even though its inside the block, that just makes no sense… Too lazy to figure out how to do it for a 4 line form. So yea, thats the code. No URL tracking/stats, but thats not really what I was going after. I just wanted an easy one click way to share URLs everywhere at once, and store them somewhere safe.

Things have been generally busy work wise, home wise. I am going to try and blog more again. Today being May 5th means that Mucho Burrito has $5 12″ burritos and I’m going to go and see if I can’t manage to consume two between now and dinner. Toodles!