Email & Spam

Bryan Borsa bryan at cool-shit.com
Wed Mar 8 16:24:01 EST 2023 

The registry is Radix
The registrar is GoDaddy

My command line whois outputs more info than what is below ( the registry info for example ) , but the Registrar info is the same.

Domains By Proxy is also GoDaddy, well, owned by the same guy that founded it anyway, they’re connected. It is almost certain that this domain name was purchased from them.

To know where a spam email originated from though, you would have to parse the email headers, which would list the IP address of every mail server it went through.  Reporting those IP’s is generally more effective at stopping spam than reporting domain names.

There are likely automated ways of doing that, but I am not familiar with them.  I do know that mail server reputation is something that mail providers / businesses care about ( to some extent anyway, and some more than others ), because they get shut off if it gets too low. ( other people won’t take their mail ).



 - Bryan








> On Mar 8, 2023, at 2:06 PM, Bruce Labitt <bruce.labitt at myfairpoint.net> wrote:
> 
> Perhaps I am misunderstanding how to interpret the output.  This is one of the outputs of whois
> 
> $ whois aagyemang.store
> Domain Name: AAGYEMANG.STORE
> Registry Domain ID: D345146502-CNIC
> Registrar WHOIS Server: whois.godaddy.com
> Registrar URL: https://www.godaddy.com/
> Updated Date: 2023-02-23T09:25:07.0Z
> Creation Date: 2023-01-23T21:28:02.0Z
> Registry Expiry Date: 2024-01-23T23:59:59.0Z
> Registrar: Go Daddy, LLC
> Registrar IANA ID: 146
> Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
> Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
> Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
> Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
> Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
> Registrant Organization: Domains By Proxy, LLC
> Registrant State/Province: Arizona
> Registrant Country: US
> Registrant Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
> Admin Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
> Tech Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
> Name Server: NS37.DOMAINCONTROL.COM
> Name Server: NS38.DOMAINCONTROL.COM
> DNSSEC: unsigned
> Billing Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to         contact the Registrant, Admin, or Tech contact of the queried domain name.
> Registrar Abuse Contact Email: abuse at godaddy.com <mailto:abuse at godaddy.com>
> Registrar Abuse Contact Phone: +1.4805058800
> URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
> >>> Last update of WHOIS database: 2023-03-08T18:40:36.0Z <<<
> 
> For more information on Whois status codes, please visit https://icann.org/epp
> 
> >>> IMPORTANT INFORMATION ABOUT THE DEPLOYMENT OF RDAP: please visit
> https://www.centralnic.com/support/rdap <<<
> 
> The Whois and RDAP services are provided by CentralNic, and contain
> information pertaining to Internet domain names registered by our
> our customers. By using this service you are agreeing (1) not to use any
> information presented here for any purpose other than determining
> ownership of domain names, (2) not to store or reproduce this data in
> any way, (3) not to use any high-volume, automated, electronic processes
> to obtain data from this service. Abuse of this service is monitored and
> actions in contravention of these terms will result in being permanently
> blacklisted. All data is (c) CentralNic Ltd (https://www.centralnic.com <https://www.centralnic.com/>)
> 
> Access to the Whois and RDAP services is rate limited. For more
> information, visit https://registrar-console.centralnic.com/pub/whois_guidance.
> 
> 
> Registrar is godaddy.  I did contact abuse at godaddy.com <mailto:abuse at godaddy.com>.  Is there a more automated (scripted?) way of getting this done?  So it doesn't take so much of my time?  It feels like tilting at windmills, but, it would be good to fight back a little.  Domains by Proxy is the intermediary - a corporation set up to "manage unsolicited contacts from third parties and keeping the domains owners' personal information secret".  https://en.wikipedia.org/wiki/Domains_by_Proxy
> 
> Is abuse at godaddy.com <mailto:abuse at godaddy.com> the only (legitimate) mechanism available to me?
> 
> What does the domain status above mean?  That the status is unavailable to me?  Or something else?
> 
> 
> 
> 
> On 3/8/23 1:36 PM, Bryan Borsa wrote:
>> The Registry and Registrar should still be visible regardless of domain registrant privacy settings.
>> 
>> 
>> 
>>> On Mar 8, 2023, at 1:31 PM, Bruce Labitt <bruce.labitt at myfairpoint.net> <mailto:bruce.labitt at myfairpoint.net> wrote:
>>> 
>>> I did a whois, and due to privacy cr*p, there's no longer a way to get 
>>> to the registrants.  I can see why this might be, but it does make it 
>>> harder to report people
>> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/pipermail/gnhlug-discuss/attachments/20230308/4c13d683/attachment.html

More information about the gnhlug-discuss mailing list