Press Release | 26.10.2007

Protective measures of DENIC applied for whois efficiently fight spam mails

The measures taken by DENIC with regard to whois queries are a very efficient means to avoid spamming of e-mail addresses of .de domain holders. This finding was supported by a recent report (http://www.icann.org/committees/security/sac023.pdf) of the ICANN Security and Stability Advisory Committee, which states that the amount of spam mails can be reduced considerably by them.

The publishing of e-mail addresses in the whois service is often named as one of the major data sources for spammers. A study executed on behalf of the Internet organization ICANN now put this statement to the test. Domains were registered under four different Top Level Domains (.com, .info, .org and .de) and randomly generated e-mail addresses were established. These addresses were not published anywhere else but in whois. For three months, incoming e-mails were monitored, and it was found that the published addresses were used for spam mails. However, the number of mails dropped steeply as soon as suited protective measures offered either by the registry or by the provider were utilized.

In case of .de domains, the defense measures introduced by DENIC proved to be particularly effective. The e-mail addresses of the .de domain holder and of the administrative contact are only published in whois if the domain holder explicitly requests their publication. In addition to that, the Terms and Conditions of Use of the whois service must be accepted by clicking a button before any data are displayed. Moreover, DENIC limits the number of queries permitted to be carried out from one IP address block within a defined period of time. Neither publishes DENIC any zone files and thus avoids automatic queries for domain lists.

All in all, the precautions taken by DENIC make sure that the whois data of .de domains can serve only as a rather minor information source for spammers. Publishing one’s e-mail address in news groups, chat rooms or on a website is much more likely to bring about a flood of spam mails.