RE: [nc-whois] WHOIS and SPAM - survey show no connection

["Steve Crocker" <steve@stevecrocker.com>]

Title: Message

Marilyn,

 

Thanks.  I've penciled in next Tuesday at 11:00.  Since the rest of the Security and Stability Advisory Committee is included in this note, let me hereby encourage others on the committee to accept Marilyn's invitation to join their next conference call Tuesday.

 

That said, I think it will be helpful to sketch the main issues in advance of the call so we can make as much progress as possible.  Between the opinion we posted formally and my last note, I think we've pretty much had our say on this matter.

 

Let me know the details of the call and I'll join in.  I assume it's scheduled for an hour.  I have appointments in the afternoon and will have to scoot no later than noon.

 

Steve

 

 

 

 

 

 

 -----Original Message-----
From: Cade,Marilyn S - LGA [mailto:mcade@att.com]
Sent: Wednesday, January 15, 2003 12:41 PM
To: Steve Crocker; dnssac-comment@icann.org
Cc: nc-whois@dnso.org; Louis Touton (E-mail); Ram Mohan; Tony Holmes (E-mail)
Subject: RE: [nc-whois] WHOIS and SPAM - survey show no connection

Steve, The WHOIS TF today agreed that they were very interested in inviting you and fellow members of the Advisory Committee to our next call, which is next Tuesday, at 11:00 a.m. EST.  We are anxious to dialogue with the Advisory Committee and appreciate receiving your final report when it was posted to the Names Council by Louie Touton.

The TF is interested in a more extensive dialogue than can be provided by one member, and we are anxious to ensure that there are several Advisory Committee members available to discuss their views and findings with us.  If it turns out that Tuesday at 11:00 am. EST is not possible, can you contact me off list, please, and we'll work together on a different time/date. However, we want to make it next week, given our time lines.

 

We appreciate receiving your response and your responsiveness.

 

Best regards, Marilyn Cade and Tony Harris, co-chairs

 -----Original Message-----
From: Steve Crocker [mailto:steve@stevecrocker.com]
Sent: Wednesday, January 15, 2003 12:33 PM
To: Cade,Marilyn S - LGA; dnssac-comment@icann.org
Cc: nc-whois@dnso.org; 'Louis Touton (E-mail)'; 'Ram Mohan'
Subject: RE: [nc-whois] WHOIS and SPAM - survey show no connection

Marilyn,

 

Good to hear from you.  We'll be glad to interact with the TF.  Ram Mohan is also a member of both the TF and our committee, and he's volunteered to be a bridge as well.  (I've cc'd him explicitly on this message, which presumably means he'll get three copies!)

 

In addition to Philip Sheppard's note citing the FTC that indicates the whois database is not a primary source of email addresses for spammers, we're also getting email from others indicating the opposite.  This obviously bears further study.  My own experience suggests email addresses are indeed collected from the whois database.  I get a fair amount of mail addressed to hostmaster@<domainname> for one of my domains, and there is absolutely *no* instance of that email address being used in any other context.

 

To press the point a bit further, it seems to me there are two parts to this puzzle, one based in fact and one based in policy.  The factual question is whether the whois database does, in fact, get used for gather email addresses for spam.  As I said, we're getting a range of opinions on this, but I expect we'll be able to get a reasonably good handle on this after a while.  The policy question is whether the whois database is required to be publicly accessible as a whole.  I consider it a separate question as to whether individual entries should be accessible and to whom.  The issue for this discussion is whether an entire whois database should be made available.  If so, that's an exposure that needs to be understood and made known to everyone who places an entry into the database.

 

Let me also note that a related issue has come up with respect to the DNS database, and that some have raised a concern that the combination of the DNS database and the whois database results in a considerable amount of information which can be exploited for commercial purposes.

 

Thanks,

 

Steve

-----Original Message-----
From: Cade,Marilyn S - LGA [mailto:mcade@att.com]
Sent: Wednesday, January 15, 2003 7:52 AM
To: steve@stevecrocker.com; dnssac-comment@icann.org
Cc: nc-whois@dnso.org; Louis Touton (E-mail)
Subject: RE: [nc-whois] WHOIS and SPAM - survey show no connection

Steve, on behalf of Tony Harris and myself as co-chairs, we will discuss an invitation to the committee to talk with the TF. In the meantime, perhaps we could all be thinking about how best to ensure cross communication between the Advisory Committee and the TF as you receive comments.

 

Regards, Marilyn Cade

-----Original Message-----
From: Philip Sheppard [mailto:philip.sheppard@aim.be]
Sent: Wednesday, January 15, 2003 4:43 AM
To: steve@stevecrocker.com; dnssac-comment@icann.org
Cc: nc-whois@dnso.org; NC (list); Louis Touton ICANN
Subject: [nc-whois] WHOIS and SPAM - survey show no connection

Steve, interesting to read the Security and Stability Advisory Committee recommendation on Whois. In relation to privacy you state: "it is widely believed that Whois data is a source of e-mail addresses for the distribution of spam".  This may be a wide belief but empirical evidence from the US Federal Trade Commission tells us otherwise. See the last sentence of the note below in particular.

Philip

------------------

http://www.ftc.gov/bcp/conline/pubs/alerts/spamalrt.htm. 

To find out which fields spammers consider most fertile for harvesting, investigators "seeded" 175 different locations on the Internet with 250 new, undercover email addresses. The locations included web pages, newsgroups, chat rooms, message boards, and online directories for web pages, instant message users, domain names, resumes, and dating services. During the six weeks after the postings, the accounts received 3,349 spam emails. The investigators found that:

• 86 percent of the addresses posted to web pages received spam. It didn't matter where the addresses were posted on the page: if the address had the "@" sign in it, it drew spam.
   
• 86 percent of the addresses posted to newsgroups received spam.
   
• Chat rooms are virtual magnets for harvesting software. One address posted in a chat room received spam nine minutes after it first was used.

Addresses posted in other areas on the Internet received less spam, the investigators found. Half the addresses posted on free personal web page services received spam, as did 27 percent of addresses posted to message boards and nine percent of addresses listed in email service directories. Addresses posted in instant message service user profiles, "Whois" domain name registries, online resume services, and online dating services did not receive any spam during the six weeks of the investigation.