Spamming the domain whois database

This guy has no sense of ethics. Here’s an email I received today from “Mark Johnson”

to whois
From: Mark Johnson
Date: Sat, 08 Jan 2005 11:14:56 -0600
Subject: Swap links?


My name is Mark Johnson. I run a casino web site called Select-Online-Casinos and am pulling together a directory of relevant links. It would be great if you could consider linking / swapping links.

I thought your site should go in the following subdirectory:

But let me know if you want to put it somewhere else.

If you want to swap links please either mail me or click on add a site at this URL


[email protected]

I know this guy harvested my email from the WHOIS database for domain names. Who knows how many others he spammed. Here are the email headers:

Received: by with SMTP id 51cs22895wru;
Sat, 8 Jan 2005 09:15:03 -0800 (PST)
Received: by with SMTP id y79mr10181rnb;
Sat, 08 Jan 2005 09:15:03 -0800 (PST)
Received: from ([])
by with ESMTP id 71si657555rna;
Sat, 08 Jan 2005 09:15:03 -0800 (PST)
Received-SPF: neutral ( is neither permitted nor denied by domain of [email protected])
Received: from [] (
by with esmtp (Exim 4.31)
id 1CnL6T-0002zw-5e
for [email protected]; Sat, 08 Jan 2005 10:14:21 -0800
Received: from dora ([]) by with MailEnable ESMTP; Sat, 08 Jan 2005 11:14:56 -0600
Message-ID: <24778599.1105204496507.JavaMail.SYSTEM@dora>
From: Mark Johnson
Subject: Swap links?
Mime-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
Date: Sat, 08 Jan 2005 11:14:56 -0600

Hopefully he doesn’t get a response to this. I’ve been seeing lots of spam in many forms for casino-related sites.

4 Responses to “Spamming the domain whois database”

  1. Anonymous says:

    How exactly do you know that the email was harvested from whois and not somewhere else?

    The whois lookup of our site shows the email addresses as images.

  2. Greg says:

    So if I am on a message board reading posts and I see an email address on one of the posts, am I spamming if I send a mail to that address?

  3. Johnathon says:

    No disrespect Elliot… but that’s not spamming. People often misuse the word ‘spam’ to apply to any type of unrequested or unwanted email.

    Spamming is when someone is sending mass bulk email with forged headers, and when you try to write back to the email address it was sent from, it doesn’t exist.. By internet law standards this user has provided a way for you to unsubscribe yourself from his mailing list. The email address he listed at the end of his message is the same as his web address. In the eyes of the court he is in the clear….Now, some people might find it ‘rude’ to be contacted this way, but when you compare it to having someone calling you by phone, some people consider email as a less-intrusive way to network online..

    Peace Bro,

  4. Elliot Lee says:

    Anonymous: the email was sent to an address that I use only for whois records. Many different websites provide access to the public whois database. Some of them convert email addresses to images to prevent automated spam bots. However, many of them do not. Also, people can buy complete whois databases and then use the data as they wish. Further, OCR (optical character recognition) software can be used to read email addresses from images, so nothing is foolproof in that regard.

    Greg: I consider that spam if you write them an email unrelated to their post. Also, if you send mass emails to more than one person at a time, that’s spam.

    Johnathon: language is fluid. Spam originally meant unsolicited commercial email. That’s exactly what this is. I know what the CAN-SPAM act says, and this is legal. But it’s definitely not ideal. I agree that this is a less-intrusive marketing tactic than telemarketing. At least this way I can have my email client automatically toss out the trash.

Leave a Reply