Well, Two Jason Ingrams is not common, and OpenSRS made that mistake, what
about someone with My name,
Richard Jones, of which there is about 2 to 10 in EVERY single City I've
been ever been in.
Why don't they just make a short email that goes out to the current email
before it is changed, that simply says something to this
effect...
my $mailprog = '/usr/sbin/sendmail';
open (MAIL, "|$mailprog -t") or dienice("Can't access
$mailprog!\n");
print MAIL "From: RSP Business Name <RSP Contact Email>\n";
print MAIL "To: Admin Contact name <Admin Contact Email>\n";
print MAIL "BCC: Admin Contact name <New Contact Email>\n"; # BCC because if
it is FRAUDULENT, the real contact
# does not have the email address of the thief
print MAIL "Reply-to: RSP Business Name <RSP Contact Email>\n";
print MAIL "Subject: Requested Change for [insert domain name] received and
being acted upon...\n\n";
print MAIL <<"WARNTHEM";
This is just to let you know that we received your fax and are acting upon
it. We have sent this to both the Current email
as well as to the new email. If this is NOT authorized please contact the
company which you Registered the domain with,
within 24 hours, OR AS SOON AS POSSIBLE!
The email address will be changed VERY soon, in accordance with (ICANN's
policy, or Our Policy, or whatever policy...) for
changes through fax.
If you hit reply to this email it will go to [RSP Business Name] Where you
registered this domain.
Thank you for YOUR PROMPT attention to this matter!
WARNTHEM
close(MAIL);
Then make a form that all you have to do is enter the name of the admin
contact, the email and have the script lookup the RSP automatically, and
insert
their information. Then it would only take a few seconds to notify the admin
contact.
This would make it to where if there IS a screw up, Hey, at least the fault
lays with either the RSP for not responding to the admin contact if they
notify
them, OR the admin contact if they don't respond to the email, either soon
enough, or not at all.
Thanks
Richard.
http://www.firstratehosting.com/indexx.cgi "Your Host With the Most!"
http://register.firstratehosting.com/cgi-bin/index.cgi Register your Domain
with prices starting at ONLY $8.50 Per Year!
https://www.firstratehosting.com/register/cgi-bin/name.cgi Pre-Register your
.name domain TODAY!
----- Original Message -----
From: "Charles Daminato" <[EMAIL PROTECTED]>
To: "David Denney" <[EMAIL PROTECTED]>
Cc: "Dave Warren" <[EMAIL PROTECTED]>; "opensrs discuss"
<[EMAIL PROTECTED]>
Sent: Tuesday, March 19, 2002 3:03 PM
Subject: RE: hijacking, AGAIN
> When we get a request to change the admin contact, it's typically because
> the current email address is out of date/not working, so we update it, and
> then notify the reseller (which was done in this case) to contact the
> registrant and sort out the (changed) username/password details. There
have
> been thousands of such changes, it's an unfortunate reality that there was
> two Jason Ingrams which obfuscated the process.
>
> Charles Daminato
> OpenSRS Product Manager
> Tucows Inc. - [EMAIL PROTECTED]
>
> > -----Original Message-----
> > From: David Denney [mailto:[EMAIL PROTECTED]]
> > Sent: March 19, 2002 3:52 PM
> > To: Charles Daminato
> > Cc: Dave Warren; opensrs discuss
> > Subject: Re: hijacking, AGAIN
> >
> >
> > I would still like to know why the ORIGINAL admin contact
> > is never notified when a FAX is used to change the admin
> > information? I dont see it as our job to make sure you are
> > not handing our customers domains over to third parties.
> >
> > (They send the RSP notice when they are changing info based on
> > a fax, but we have no way of knowing if that fax was real or
> > not, so it seems like we must follow up on every one of those
> > just because opensrs does NOT notify the original admin contact
> > when an over-ride occurs. LAME LAME LAME LAME LAME.)
> >
> > Good thing my customer was only 'parking' that domain you
> > gave away, and not actively using it.
> >
> > Can we somehow get the domain LOCKED so the thief christian singer
> > doesnt steal it, YET AGAIN? (He stole it once before it was with
> > opensrs, while NetSlo still had their monopoly.)
> >
> > On Tue, Mar 19, 2002 at 01:30:27PM -0500, Charles Daminato wrote:
> > > Well, this has been resolved to our understanding and satisfaction. I
> > > cannot divuldge details since it would be plainly imprudent, but we
have
> > > done extensive research into this contacting several parties
> > from both sides
> > > of the coin (including the previous registrar) and feel that
> > the action we
> > > are taking is within our bounds and the appropriate thing to do.
> > >
> > > All parties that are involved are being contacted accordingly.
> > >
> > > Charles Daminato
> > > OpenSRS Product Manager
> > > Tucows Inc. - [EMAIL PROTECTED]
> >
> > --
> > David Denney | D i m e n s i o n a l C o m m u n i c a
> > t i o n s |
> > [EMAIL PROTECTED] | DSL * Wireless * ISDN * Frame * ATM *
> > PtP * Co-Lo |
> > 303-285-INET voice | http://www.dimensional.com/
> > [EMAIL PROTECTED] |
> > 888-3-DIMCOM tollfree | Based in Denver, serving the Front-Range
> > and beyond |
> >
> > ...they can have my ssh when they pry the keyboard out of my
> > cold, dead hands!
>
>
>
