Will my .name domain registration information be publicly available
through WHOIS? Will spammers be able to use this information to send
junk e-mail to me?

Hi there!

Yes, your .name domain registration information will be publicly
available through WHOIS, as stated in ICANN's (The Internet
Corporation for Assigned Names and Numbers) rules:

"Will my name and contact information be publicly available?

Yes. Information about who is responsible for domain names is publicly
available to allow rapid resolution of technical problems and to
permit enforcement of consumer protection, trademark, and other laws.
The registrar will make this information available to the public on a
"Whois" site."

ICANN FAQ
[ http://www.icann.org/general/faq1.htm ]

Obviously, spammers love this, and are known to crawl through
listings.  You can saw the spammers off at the knees, however, by
establishing a special e-mail account through a service such as
Hotmail.  Sign up for an account, set the account up to *only* accept
mail from your Registrar and your web host, and use that address for
your contact information.

Just be certain to log into that account once a month, lest it be
deactivated!

Good luck!

missy-ga

---

Request for Answer Clarification by jasonfreitas-ga on 06 May 2002 14:28 PDT

Thanks for the fast response and comments! Actually, I was more
curious about the unique aspects of the ".name" domain in particular.
For example, say I registered the domain "john.doe.name", which gives
you the e-mail address john@doe.name. I could put some other e-mail
address (like Hotmail) in the registration record as you suggested.
However, I'm more worried about spam coming to john@doe.name, which,
while not listed directly in the registration record, is inferrable
programmatically. I'd hate to have my new "personal e-mail for life"
end up as just another spam receptacle. I don't know if the WHOIS
record for the .name domain will show <doe.name> or <john.doe.name>,
but I guess there is a risk either way.

P.S. Great service.

---

Clarification of Answer by missy-ga on 06 May 2002 18:46 PDT

Hi Jason, 

I'm afraid that there's no getting out of being listed by WHOIS.  I've
checked several FAQs, and they all say the same thing (example here is
from Network Solutions):

"Q:  What if I don't want my information to be in WHOIS?
A:  ICANN requires that we provide full WHOIS information for each
domain name we register."

[ http://www.netsol.com/en_US/faq/whois/whois-faq.jhtml ]

Awful rule if you're trying to avoid the spammers, but circumvented
easily enough if you use your domain name at a host with aggressive
spam filtering. (Or through the "spamcatcher" method.)  Alternatively,
you could subscribe to SpamCop, which filters so aggressively, they
occasionally catch good mail:

[ http://www.spamcop.net ]

The commenter below noted that most WHOIS services don't support the
.name TLD - that's true to a point.  They don't support it *yet*, but
are moving in that direction.  Using the simultaneous dig at
GeekTools.com produced results readily enough:

[ http://www.geektools.com/cgi-bin/proxy.cgi ]

Good luck running from the spammers!  If you find something more
effective than never getting online, do let me know!  ;)

missy-ga <--gets spammed and gets even with SpamCop.

Just a personal comment on this subject. I register a lot of names and
the average time period before my first spam message to the new domain
email address is about 45 minutes.

Unfortunatly a real email address in the registration is preferable to
a false one. If InterNIC needs to reach you regarding the domain, then
its probably a good thing that they can do this with little hassle. I
setup a single email address for this, and once a week, take a look at
the mail that is in there.

If you have control over your server you can setup spam filters, these
are getting fairly good these days. Spam Assasin is one I use and it
gets about 98% of the little buggers before they reach my mail box.

Hope this helps in some small way. 

webadept-ga

I have registered my name with the .name domain and have not yet
received spam to that address, but I am sure it will just be a matter
of time. The whois record shows <john.doe.name>. However, most whois
utilities don't support the .name gTLD. This is the only one I've
found -- http://www.gnr.com/cgi-bin/whoisweb.cgi?type=public&page=query&d=s&qt=domain.

It looks like you can use peter.morgan.name as a test case.

Your TLD/SLD information needs to be publically available for it to be
publically used on the internet. There's really no way getting around
that. As a result, spammers can get ahold of it, just as easily as a
person on the internet who wants to legitimately mail you could. If
someone needs to email you concerning a problem with your domain, and
your email is not listed, you have a problem. However, you can combat
spam by setting up mail filters.

If your account it hosted on a Linux server that is running procmail,
and you have shell access, then you can set up a series of filters
(known as recipies) for your account that will filter a lot of spam.
Alternatively, you can use a tool such as SpamBouncer
(http://www.spambouncer.org/) to do this for you through procmail.
SpamBouncer is a full and robust toolset that filters many known types
of spam and virus email before it gets to you, or simply flags it as
"errant" for your information, depending on your settings. It also
uses real-time spam blacklists to check to see if the mail matches the
profile of a known spammer, and if so, it filters the mail.

Spam is an unfortunate side-effect of the availability of information
on the internet. However, if you follow proper precautions, then you
cna avoid a lot of it.

1) Always "spam-proof" your email before putting it on the internet.
For example, make your email JoeNOSPAM@doe.name. If you can, put a
little tag on there to tell people to remove the NOSPAM to get your
real email address. Spam email collectors are automated, and this will
often make it into their database at JoeNOSPAM@doe.name, rather than
Joe@doe.com, while a human reader cna discern the real email address.
However, as spam email address collection programs get more robust,
you may have to modify this technique. I know of at least one email
collector that looks for common words or set of words like NOSPAM or
SPAMSUCKS and removes them from the email. You'll have to get more
inventive.

2) Use mail filters. If you can't filter server-side, most mail
clients offer filtering, although it will be less robust than
server-side filtering. It can save you a lot of headaches, and is
really worth the two hours learning how to set it up.

Best of luck!

Chris

Jason, though you DO need to give correct information on your InterNIC
registration, it doesn't necessarily have to be highly personal
information.  Use your business address, your first initial instead of
your name, and an anonymous email.  I have a separate email that I use
for nothing except domain registrations.  It's mine, it's legit, but I
have yet to receive anything but spam there.  About once a month, I
access it and delete the mail.  Unless you have a domain name that is
likely to cause some problems (such as having the same name as a
celebrity, or abusing other prople), your chances of getting mail from
your registrar are slim. Many registrars are doing all they can to
filter the spam-bots, requiring hand-entered passwords that bots
cannot enter.  This HAS cut out some of the spam, though there is a
long way to go.  The delete button is your best recourse.