[arin-ppml] Draft Policy 2008-7: Identify Invalid WHOIS POC's
Keith Medcalf
kmedcalf at dessus.com
Sun Mar 29 11:26:12 EDT 2009
Ted Mittelstaedt wrote:
> The valid POCs can be handled by automated e-mail systems with a
> specific URL link in the mail sent to the POC. Network Solutions
> already does this for ALL domain name holders in their registrar and
> it's completely automated. ARIN staff can contact Network Solutions
> and ask how they do it if they do not understand how to do this.
Network Solutions does not do this. My domain is registered with Network Solutions and always has been. I have nothing to update, nonetheless, the only verification attempt I ever received from them was many a year ago when they did a postal mail validation. I have never received e-mail attempting to verify my POK data at Network Solutions.
Of course, it is possible that they (NetSol) [have] attempt[ed] to use SMTP transported web-pages sent from a non-RFC compliant SMTP server, in which case I would have never received the messages (and they would not qualify as "e-mail" anyway).
Thus my requirement that any policy authorizing e-mail (SMTP transported) verification of POK data have a very narrow definition of what qualifies as "e-mail". In order to qualify as e-mail, the message MUST be text/plain and MUST be sent from a strictly RFC compliant SMTP host which has (a) proper forward and reverse DNS; (b) proper MX records for the sending domain; (c) must be sent from the ARIN.NET domain (not a third party mailer); and, (d) must have correct SPF records if any.
The interpretation of "e-mail" must be strictly specified. Interpretation of what consititutes e-mail MUST NOT be open for interpretation by the unwashed, particularly those members of the unwashed who believe that web-pages by SMTP is somehow "e-mail".
--
() ascii ribbon campaign against web-pages via SMTP
/\ www.asciiribbon.org
More information about the ARIN-PPML
mailing list