CircleID

Forwarding addresses wouldn't be a great solution to WHOIS spam. I wouldn't want emails intended for me being monitored by ICANN or passing through their servers. ICANN wouldn't be able to do much about spam, even if they did know the identity of the top spammers. Harsher penalties (even bounties), and greater transparency are much better ways to stop spam.

I agree with George Kirikos. It is important to try not to create new problems when resolving current ones.  Rather than use ICANN to filter WHOIS SPAM, we should promote privacy of WHOIS data, which would block WHOIS SPAM as well.

As for law enforcement interests, I am not sure how a public WHOIS database has anything to do with fighting terrorism.  The link is quite nebulous.  Certainly, if we become persuaded that ICANN should keep WHOIS public for the purpose of fighting terrorism, then we also have the algorithm for obliterating privacy under all contexts where fear overpowers reason.

Both good points.  I should mention that Paul Twomey also mentioned fighting child porn along with terrorism.  As someone at the conference pointed out, however, law enforcement already has access to unlisted phone numbers when they try to fight these crimes.

Perhaps a better solution to Whois spam is to have the registrar be the filter, so a domain could be like domainnamewirecom@godaddy.com.  However, you still have the issue of someone else being able to read your mail.  If you set it up soley as a forward and only in Whois this should not be a big deal.  Someone using your Whois e-mail address is either writing to buy your domain or sell you something.  But I'm not trying to say this will stamp out spam completely.

I'll let you guys know my results of changing my email addresss is Whois to a specific catchall.

And spam fighting as well - I've had it up to here with botnets being setup that cycle through a few hundred brand new domains a week.

Have whois privacy if you want, but as a necessary corollary, have registrars be a bit more responsible and proactive in cases of spam / abuse (trademark suits, dmca violations etc can and will need more careful handling obviously)

Prevent scripted registration of domains by abusers [who typically use stolen cards so I guess avoiding all the chargebacks is a bonus for the proactive registrar]

Make sure spammer, phisher etc domains are taken down promptly - and as needed, ALL domains registered by the same spammer are taken down.  If its a phisher, botnet etc domain, the first 48 hours or earlier after creation is key for the scammer to rake in his profits.

That sort of thing can put a very pretty looking dent in a botmaster's operations.

Yes, I know - some registrars do this routinely. 

The worst problem is that quite a few registrars just don't bother, or cite some quite vaguely defined ICANN rules, while quite a few other registrars are quite happy to operate under those rules to deactivate.

Suresh,
Responsible registrars do perform the task of shutting down spam domains, but the smaller guys often don't have the resources or the resourcefulness to make it happen in a consistent fashion.

I have been told of a ~100,000 name registrar who operates with a 4 person staff.  Kinda hard to keep doing it "right" with that size team.

-Ram

Its not rocket science.  And a substantial part of it is building automated fraud warning systems.

It is not just the small shops by the way.

You'll find very large registrars that have huge numbers of spammer / botnet etc domains signed up and zero action being taken on these.

WRT your comment on Levine's post -

What is interesting is that aggressive and automated domain tasting seems to occur almost exclusively through just a handful of registrars (I should know).

You'll find that a handful of registrars are a major contributor to the problem I mentioned too.

Somehow, quite a few of the small two to four man outfits running a registrar out of their garage seem to do just fine in controlling abuse, and huge registrars do not - despite all the extra staff and resources they have.

Very interesting - I did not realize that the problem was not only widespread, but was perhaps more localized with the larger guys vs. the smaller ones.

At some time, I hope a code of conduct comes up for adoption…

Registrar policy enforcement is probably the weakest link in trying to fight net abuse right now

The problem is of course not the ISPs, registrars etc that do take action, it is those that just dont bother to do so.

You're seeing massive abuses of things like the 5 day grace period for certain TLDs?  Well, its not just typosquatters who signup for new domains.  A lot of spammers do just that. All the time. 

It is even more fun when the whois db gets updated maybe twice a day but a domain appears in dns the moment its registered, so that you cant trace a domain back to the spammer, or see that a whole bunch of different, randomly named domains that are spamming you are actually related. 

Now how is that going to be countered if only some registrars bother to do something about it and there's apathy (or perhaps ignorance) among several other registrars?  ICANN can probably do something about it, perhaps just putting the question of what the registrars must do, to the registrars themselves, and trying to get some consensus.

Australia recently came up with an ISP industry suggested antispam / net abuse code of practice that got approved and endorsed by the government [and the australian laws & codes of practice on spam / net abuse are excellent]

The ITU has been suggesting that governments back antispam laws with an enforceable set of best current practices for ISPs

Now I know what most ISPs (and registrars) will say about government mandated regulation - but I fear that it wont be long coming if the current state of affairs persists. 

One way to go would be for the industry to come together and form its own voluntarily applicable best current practices, and to follow them .. governments are not too likely to object to that

If ICANN actually takes the lead in something like this, you'll manage to produce something thats quite useful.  Achieving consensus on anything like this is difficult but it has to be done. 

-suresh

"One way to go would be for the industry to come together and form its own voluntarily applicable best current practices, and to follow them .. governments are not too likely to object to that"

Suresh, this seems worthy of mention to the GNSO Council chair (Bruce Tonkin), and perhaps also to the Registry & Registrar Constituencies.  They have the werewithal to make it happen.

Sounds like a great thing for afilias to take the lead on, then.

Ram,

I ran on a platform that registrars can, and should do just what Suresh advocates, and lost. The problem isn't dumb small registrars, its that ICANN's budget dance was far too important for registrars to work on anything else, so amid great handwaving, the RC got some "new blood". That guy just checked out after two years of ... budget stuff and an RC website rev.

Its just not going to happen. Fraud is here for keeps.

Cheers,