Thus spake Dean Robb

>I think it would be a reasonable proposal for ARIN to modify
>its SWIP process to do a dnslookup for the email domain to very
>it as valid. Possibly even a SMTP VRFY or EXPN command.


As for the confidentiality matter: there's a problem...a little thing
called the RFCs. Specifically, RFCs 1032, 1033, 920, 1173, 1174 (and
several others) require contact information that is "complete, correct and

I think he was referring to organizations that don't reveal the user
data (or reveal bogus data) in response to a SMTP VRFY or EXPN command,
not the data in the whois record.

I know what he meant :). The fact remains, though, that those ISPs are in
violation of several RFCs. The way the system is designed, if you want to
have a domain, you're required to provide certain public information. Even
InterNIC's Registration Agreement requires you to attest that the
information is true and correct...which of course means that all those
false registrants are guilty of perjury. Not that InterNIC will enforce
their contract except for the payment provisions.

Spam(tm) is pressed meat. Spammers should be too.

Dean Robb
On-site computer services
(757) 495-EASY [3279]