zonefiles

[Matt Prigge]

> Unscrupulous spammers have used TLD zonefiles in the past to harvest lists
of
> victim domains. Hopefully NSI (and/or whomever) is being *very* cautious
about
> allowing access to those files. Unless you have a legitimate (e.g.
> academic/research) need for the files, you shouldn't be allowed to have
access
> to them. Same applies to me or anyone else. Usually I don't advocate
> unnecessary secrecy or the hoarding of information, but I make an
exception in
> the case of potential spam abuse.

Verisign/GRS is in charge of the root zonefiles. They dont require a whole
lot of you (in terms of signing your life away). You need to sign a contract
that basically says that you wont use the information illegally or share it
with anyone else. They are very specific about prohibiting its use for
spamming purposes, but there arent any damages set out in the contract, so I
doubt that does very much to deter people. It looks like about all theyd do
if they found out you were 'misusing' the data is to deactivate your access
to it. I would think thatd be fairly hard to prove. Maybe not though. They
do keep track of an IP address that youre allowed to connect to download the
zonefiles from. They may monitor the whois traffic also originating from
this IP address to identify people misusing the data. I have no idea.

In general, I aggree with you. Even though I definitely have some legitimate
uses for these files, Id be just as happy to not have access to them if that
meant that spammers wouldnt either.

- Matt