I just got one of these confirmation emails from OpenSRS for a transfer to
Internet Domain Registrars that I did not initiate or approve.
First of all, I am disturbed that Internet Domain Registrars processed a
registrar transfer without my consent.
Second, in this case I am glad I have a way to block the transfer.
But... since when did OpenSRS start requiring confirmation for transfers to
other registrars? I thought Tucows was on record as opposing this behavior
by Register.com and NSI. Did we suddenly change our stance? I say "our"
because my name (as RSP) is at the bottom of the message!
I'm not against this change of policy, especially if Internet Domain
Registrars is on a domain hijacking spree. But this is the first I've heard
of it. Since I'm "signing" these messages it would be nice if I knew about
them.
----- Original Message -----
From: "Genie" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Saturday, June 23, 2001 12:11 PM
Subject: Re: can we track who requested Transfer Away from OpenSRS?
> Thanks Chuck, that's what I thought - we'll attempt contacting
> "winning" registrar Internet Domain Registrars and try to investigate with
> them:
> 1) How did they as winning registrar authenticate transfer request
> 2) Who initiated it
>
> I think the chances on receiving response are slim but then we do have a
> good contact
> email address for chief compliance officer at ICANN
> cheers
> Genie
>
> ----- Original Message -----
> From: "Charles Daminato" <[EMAIL PROTECTED]>
> To: "genie" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Saturday, June 23, 2001 10:42 AM
> Subject: Re: can we track who requested Transfer Away from OpenSRS?
>
>
> > Genie,
> >
> > There is no way to find out who the requestor is, as all we are doing is
> > parsing the registry notification of domain transfers, and sending an
> > email to the correspondent. All we get is the 'gaining' registrar, and
> > the domain name.
> >
> > Charles Daminato
> > TUCOWS Product Manager
> > [EMAIL PROTECTED]
> >
> > On Sat, 23 Jun 2001, genie wrote:
> >
> > > Also, there is NO WAY that this hijacker could have authenticated the
> > > request at Internet Domain Registrars side - since the domain in
> question
> > > has a valid email address of our Customer.
> > >
> > > That makes me question Internet Domain Registrars security processes
if
> they
> > > DO NOT AUTHENTICATE transfer requests properly and just send those
out -
> > > this is against ICANN rules! Time to contact [EMAIL PROTECTED]
me
> > > thinks.
> > >
> > > cheers
> > > Genie
> > > eyeondomain.com
> > >
> > >
> > > ----- Original Message -----
> > > From: "opensrs" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Sent: Saturday, June 23, 2001 5:42 AM
> > > Subject: RE: can we track who requested Transfer Away from OpenSRS?
> > >
> > >
> > > > same here. it just happened on wednesday
> > > >
> > > > -----Original Message-----
> > > > From: [EMAIL PROTECTED]
> > > > [mailto:[EMAIL PROTECTED]]On Behalf Of genie
> > > > Sent: Friday, June 22, 2001 11:04 PM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: can we track who requested Transfer Away from OpenSRS?
> > > >
> > > >
> > > > A customer of ours just received transfer away request from OpenSRS
> > > request
> > > > for one of their domains....
> > > >
> > > > They have not applied for it and suspect someone is trying to hijack
> their
> > > > domain... the OpenSRS message does not disclose anything about the
> party
> > > > attempting to do transfer away request.
> > > >
> > > > <snip>
> > > > A request has been received to transfer the domain ****.com
> > > > away from the Registrar Tucows. This request was entered at
> 22-Jun-2001
> > > > 14:12:02 by Internet Domain Registrars If this is a valid
request
> and
> > > > you ...
> > > > <snip>
> > > >
> > > > Is there a way we/customer can get more details (email address...
> name...
> > > > anything?) on the requestor? It would be nice to be able to track
> them
> > > > down.
> > > >
> > > > cheers
> > > > Genie Livingstone
> > > > eyeondomain.com
> > > >
> > > >
> > >
> > >
> > >
> >
> >
> >
>
