'Whois protection service'

Mark Foster blakjak at blakjak.net
Thu Jan 27 03:26:00 UTC 2005

Hi folks.
Don't post a lot here but i'm figuring you folks will know more about this
than my local NOG...

When investigating a host that spammed me today, I noted that when I
whois'd the domain that the mailserver involved has forward/reverse dns
pair for, the domain whois information comes up as follows:

Found crsnic referral to whois.enom.com.

Registration Service Provided By: Registerfly.com
Contact: support at registerflysupport.com
Visit: http://www.RegisterFly.com

Domain name: xmux.com

Registrant Contact:
   RegisterFly.com - Ref# 14155933
   Whois Protection Service - ProtectFly.com (14155933.fly at spamfly.com)

I'm unsure how appropriate it is to post anything more specific in the
open forum, but i've never seen this before. Whats the deal with hiding a
domain name owners true identity?
Is this not simply yet another protect-the-spammers mechanism?

I followed up the chain - the authoritive DNS servers for the domain in
question are hosts within a different domain, and this also has the same
protection engaged....

Is this old hat or something new? Is this still conformant to standard
.com/net registrant rules and regs? (here in .nz, the registry information
is required to be current and valid, and i've never seen a Registrar pass
itself off as the owner of a domain before (at least in any legitimate

Thanks in advance,

More information about the NANOG mailing list