NameSilo

Reducing WHOIS spam -- ideas?

Labeled as question in General Domain Discussion, started by GeorgeK, Jul 30, 2017

Replies:
28
Views:
3,125

  1. GeorgeK

    GeorgeK Leap.com PRO VIP ★★★★★★★★★★

    Posts:
    384
    Likes Received:
    2,019
    Most of us in this forum probably get more than our fair share of WHOIS spam emails, given our above average holdings of domain names compared with the general population. Any ideas on how to reduce it? I seem to get endless "Expired SEO" spams, for example.

    I was thinking that the amount of spam I receive might be lower if I switched my admin email address to a Google Gsuite/Gmail powered account. My theory is that spammers don't want to get banned by Google Gmail or Google GSuite, and so there'd be above average spam to domains hosted elsewhere. Alternatively, Google might be quicker to slow down such bulk mail, since they see more of it compared to smaller email providers. In other words, there's some extra protection being part of the Google Gmail/Gsuite "herd", so to speak.

    Any thoughts, ideas or suggestions?
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Kuffy

    Kuffy Name Stag VIP

    Posts:
    3,593
    Likes Received:
    5,700
    I've been using gmail, and I'm thinking of dumping it. They are starting to impose their ideas on website structures, and they seem to be dropping mail that doesn't comply. Also, they are getting too dominant, and I think it might be in our interests to try to sustain diversity on the net.
     
  3. alcy

    alcy Top Contributor VIP

    Posts:
    19,911
    Likes Received:
    34,499
    been using gmail since I started domain... and then of course way before that for my email.

    I get about 100 spam mails per day... in relation to my gmail addres on domain regs.
    and about 1 of those per week misses the spam folder.

    in short, with gmail, I hardly even know spam exists.

    far as I go, google with its gmail and everything else they invent, is abotu the best thing to happen to mankind since fire.
     
    Last edited: Jul 30, 2017
  4. GeorgeK

    GeorgeK Leap.com PRO VIP ★★★★★★★★★★

    Posts:
    384
    Likes Received:
    2,019
    I was hoping that with GSuite (i.e. paid GMail, branded with one's own domain), some high volume bulk spam would be entirely blocked, and wouldn't even get to the spam folder.

    I still check my spam folders, so getting 100+ per day would still suck. :xf.frown:

    One big downside to switching my email admin in the WHOIS is that all the spammers that have blocked my current email address (because I've reported them to their ISPs, opted-out, etc.) will start getting through to my new account..... :vomit:
     
    Last edited: Jul 30, 2017
  5. Kate

    Kate Domainosaurus Rex VIP ★★★★★★★★★★

    Posts:
    21,115
    Likes Received:
    22,515
    1. Use a dedicated E-mail address for whois, not the main corporate address
    2. I prefer to run my own mail servers, for privacy and control. So I can set my own rules and have maximum flexibility.
    For example, I can reject some mails with offending subject lines by using regular expressions: thus the mail is blocked before it's even been accepted by the mail server. And then a rule is added on the fly to the iptables firewall (to block the IP address). The "Expired SEO" spams can be blocked fairly easily.
    3. On the mail servers I can set up forwarders (aliases) or temporary addresses, and rotate them from to time... so that the spammers using cached whois are left with useless data...
     
  6. GeorgeK

    GeorgeK Leap.com PRO VIP ★★★★★★★★★★

    Posts:
    384
    Likes Received:
    2,019
    Thanks, Kate. I was planning to setup a dedicated email address with a domain I control, to be able to segment those WHOIS emails from everything else. I had been thinking about rotating the email addresses too, but it would have the downside I mentioned above, namely that spammers who've stopped emailing me (because I reported them to their ISPs, or opted out, or whatever) would now have a fresh email address to spam!

    While there are advantages to running one's own mail eservers, as you correctly point out, having a turnkey solution like Google GSuite is a bit simpler.
     
  7. emadpino

    emadpino Established Member

    Posts:
    1,262
    Likes Received:
    158
    From 100+ spam daily to 1 or 2 now, sometimes NONE. using gmail.

    1) whois privacy. A MUST at least for me.
    2) block and report every spam email. (very useful).

    That is all.
     
  8. Thirwell Castle

    Thirwell Castle Established Member

    Posts:
    226
    Likes Received:
    244
    I use Whois privacy and life has been easy ever since.
     
  9. siddardha

    siddardha Established Member

    Posts:
    374
    Likes Received:
    247
    I get a fair share of emails from not opting for privacy at the beginning.
    But it reduced after I started buying names from Namesilo(free privacy)

    I bought a domain for a dollar to Bigrock(without privacy) two days ago and it started storming spam

    In I hr 4 calls and and over 10 messages regarding website design. I politely decline them all with a 'No Thanks'

    I guess they will stop after a couple of days for me as they will be busy targeting new domain owners
     
  10. Thirwell Castle

    Thirwell Castle Established Member

    Posts:
    226
    Likes Received:
    244

    Can you transfer out of bigrock easily and what did you use, like a coupon or something?
    About to try them?
     
  11. siddardha

    siddardha Established Member

    Posts:
    374
    Likes Received:
    247
    Not sure about the transfer process of bigrock, but hope it will be normal
    For the registration, I used a coupon something like 'br99domsale'

    Try googling and you might find one for 59rs
     
  12. Makise

    Makise Country Manager RU/UA/BY/KZ Epik.com Staff VIP

    Posts:
    1,271
    Likes Received:
    1,431
    i know, gmail have good spam security.

    for your domain create *domain*@gmail.com and enter in whois contacts.
     
  13. GoKaizen

    GoKaizen Always be Learning VIP ICA Member

    Posts:
    2,965
    Likes Received:
    3,244
    With your premium portfolio @GeorgeK why not just use Whois privacy? Doubtful you would see a drop in inquiries. :)
     
  14. HotKey

    HotKey Made in Canada VIP

    Posts:
    3,322
    Likes Received:
    8,573
    1) A pain in the butt for dealing with sales and transfers, constantly having to remove your whois and manually check what email you are using. It also turns people off from sales inquiries.
    2) Again a pain in the a$$ because it's so time-consuming. It's like a part-time job except more of a volunteer effort because you aren't getting paid for it.

    The only real solution is what Kate said running your own mail server you want 100% control. It sounds like people are having success with Gmail suite, so please update this thread with results if you decide to go that route..:)
     
  15. anantj

    anantj Top Contributor VIP

    Posts:
    4,174
    Likes Received:
    4,001
    Very easy to transfer out of Bigrock... Standard process... Get EPP, Unlock domain, initiate transfer
     
  16. biggie

    biggie GreenFriendly.com VIP ★★★★★★★★★★

    Posts:
    11,092
    Likes Received:
    13,038
    i feel your pain @GeorgeK

    i get spam phone calls too

    but if we, as domainers, are getting spammed to death,
    just imagine what 'potential end-users' are going thru

    :)


    imo....
     
    Last edited: Jul 31, 2017
  17. LucidDomains

    LucidDomains LucidDomains.com VIP

    Posts:
    2,951
    Likes Received:
    6,693
    Simply create a rule to move all "Expired SEO", "App Development" "First page of google" etc.. emails to the Deleted folder.

    Mission complete.
     
  18. GeorgeK

    GeorgeK Leap.com PRO VIP ★★★★★★★★★★

    Posts:
    384
    Likes Received:
    2,019
    With WHOIS privacy, it's hard to prove that you're the actual owner of the domain name, and establish it independently (e.g. in DomainTools WHOIS history, etc.). If the domain name gets stolen, etc., it might make it harder to prove the theft, etc.
     
  19. BrandChimp

    BrandChimp Life is short. Get up and make yours better. Chimp

    Posts:
    3,635
    Likes Received:
    2,854
  20. BrandChimp

    BrandChimp Life is short. Get up and make yours better. Chimp

    Posts:
    3,635
    Likes Received:
    2,854
    Whois Privacy and Gmail + Filters = :xf.smile:
     
  21. CraftNames

    CraftNames Established Member

    Posts:
    85
    Likes Received:
    53
    Here are some steps I've taken and recommend...
    1. Use a custom domain just for whois registrations - I used Google GSuite for Business. $5/month. I find that Gmail's backend has the strongest and most accurate spam filtering over any other.
    2. Setup catch-all email setting - if you want to use custom names like (specific domain)@(yourbusiness).com that works well, and you can filter based on that. You can also do the + trick (look it up). If you take the time to do this, you can then also filter out any email you get NOT part of that setup into to the trash or archive. I also like doing this for sign ups at various businesses i.e. [email protected](mybusiness).com and you can see if any of them are selling your information.
    3. Start filtering per @LucidDomains recommendation above on words like "SEO" "Free Logo" "App development" etc. to trash.
    4. If you have a lot of short liquid domains and hate the Chinese spam, you can just filter out a bunch of Chinese characters (I started with these symbols 人民币元 which are used for CNY currency and are in most of their emails)
    5. Blacklist commonly abusive domains, whitelist your more commonly accepted domains (with filters)
    6. Check out this chrome plugin - you can quickly scan sending domains of emails without opening the email http://no_url_shorteners/2wtQ9qZ (I browse through my spam folder in seconds b/c 99% is outlook/hotmail/mail.ru/etc)
    7. Click and report ALL spam to google, check also for spammers using mailchimp or other mail platforms, those have abuse email reporting tools as well. The more you do this, the better it gets, for everyone.
    8. NEVER use a real phone number. Sign up for google voice, turn off call forwarding, have it all get sent via email, setup filter to immediately archive and put it into its own folder. You can then sort by voicemail, read the transcripts for legit calls, delete the rest. 99.99% will be garbage.

    Domain privacy doesn't solve much because if you shut off all email from being forwarded, you are losing out on potential inquries, whois verifications, etc. If you do get forwarded, then it does help from your email being scraped, but then they are just scraping an email that forwards to you anyway. Only really worth it to hide identity when needed.
     
  22. Michael Daigle

    Michael Daigle Established Member

    Posts:
    72
    Likes Received:
    327
    I don't use domain privacy. I get lot of emails with "Domain SEO notice" and other messages based on our whois info.

    I use Zoho, and can easily mark the emails as SPAM with a right-mouse-click. Any future emails from same sender will go directly into spam folder.

    Zoho also detects potential spammers based on customer feedback, so my inbox remains in pretty good shape overall.
     
  23. TCK

    TCK NameOptions.com VIP Gold Account ★★★★★★★★★★

    Posts:
    2,075
    Likes Received:
    1,954
    Not sure if this was mentioned as I scanned quickly the previous posts but what you can do is register a custom domain for your admin whois that is in an extension that has very limited whois info.

    In my case, since I am in Canada, .ca is perfect for that as the whois is very limited (only creation date and nameservers). But you will have to add a phone number to the individual domain whois plus registrant company and contact name. For company and contact you can easily put something generic.

    Spam has gone down significantly, both email and phone. Although one time I got a call from an Indian "company" asking to speak with "Private Registration", lol.
     
    Last edited: Aug 6, 2017
  24. GeorgeK

    GeorgeK Leap.com PRO VIP ★★★★★★★★★★

    Posts:
    384
    Likes Received:
    2,019
    One potential downside of changing the admin email is that the domain name could get locked for 60 days due to the new ICANN transfer rules. I'm not even sure if my registrar would allow a bulk email change under these new rules, or whether I'd have to manually approve each one (which might take many hours of clicking).
     
  25. TCK

    TCK NameOptions.com VIP Gold Account ★★★★★★★★★★

    Posts:
    2,075
    Likes Received:
    1,954
    If the buyer has an account at the same registrar then the 60 day rule shouldn't be an issue.

    Not sure if the registrar will allow you to approve the Whois change in bulk. You can check with your account exec.
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...