The way things are going, in the near future all registrars will automatically lock domains when registered, making any sort of renewal scam impossible. So the new system will be something like this:
1. Registrant recieves 'renew' notice in mail 2. Registrant mistakenly fills it out and sends it back to the 'scamming' registrar 3. 'Scamming' Registrar bills registrant, then attempts to transfer domain 4. Transfer fails due to locked domain 5. 'Scamming' Registrar is forced to refund money for transfer 6. World Peace ensues. Jamie ----- Original Message ----- From: "Jack Broughton" <[EMAIL PROTECTED]> To: "Ken Joy" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Wednesday, May 01, 2002 11:59 AM Subject: Re: Transfers > On the subject of "playing fair" I have had two clients who have forwarded the > mysterious Verisign renewal invoices to the RCMP. Having a return address of a > PO Box in Fort Erie Ontario really didn't do anything for their peace of mind / > feeling like the transaction was legitimate. > > Also the fact that they wouldn't take anything but a credit card number was > another head's up that something wasn't above board. > > We shall see how this all shakes out. > > Jack > > Ken Joy wrote: > > > Right....I can only restate that we like to play fair... > > > > Verisign also sends postage paid renewal notices that look a little like > > invoices....and just laid off, what, half of their staff? Not the ones to > > follow, I think. I am a firm believer that the industry needs sound > > regulations enforced by a fair (but active) policy body. I don't think we > > need all registrars agreeing to NOT play by the rules. > > > > Now again, this is more my feeling on the issue than anything else; we are > > always examing our policies in light of movement in the industry....and > > feedback from our resellers. And, keep in mind that you get your 'default > > NACK' through domain locking, applied properly (and not against a > > registrants wishes) > > > > Thanks, > > > > Ken > > > > > -----Original Message----- > > > From: Neil Anderson Saunders [mailto:[EMAIL PROTECTED]] > > > Sent: Wednesday, May 01, 2002 11:04 AM > > > To: Ken Joy > > > Cc: [EMAIL PROTECTED] > > > Subject: RE: Transfers > > > > > > > > > On Wed, 1 May 2002, Ken Joy wrote: > > > > > > > By ICANN policy, it is the responsibility of the GAINING registrar (in a > > > > regsitrar transfer) to obtain the transfer authority from the > > > administrative > > > > contact. The way the process is built, when the Regsitry > > > notifies the LOSING > > > > registrar of the transfer away request, they had 5 days in > > > which to ACK/NACK > > > > this request; taking no action implied an ACK. > > > > > > > > For the first year of our existence, we trusted that in the case of > > > > transfers away from us, the gaining registrar had obtained the > > > appropriate > > > > authority, and we (like most registrars at the time) did > > > nothing with this > > > > 'transfer-away' notification. Eventually (maybe a year ago) we > > > (in response > > > > to more complaints about hijackings) built a losing-transfer messaging > > > > system into the OpenSRS which would confirm the transfer-away > > > request with > > > > the admin contact. However, because our role as the LOSING > > > registrar forbids > > > > us (and we like to play fair) from NACKING a transfer-away without an > > > > express command from an admin contact, if the Admin contact > > > doesn't actually > > > > NACK our request, we let the domain go. > > > > > > Hi, > > > > > > How is it then that VeriSign can do the opposite? Here is an example of a > > > registrar transfer from VeriSign to OpenSRS send to the admin contact. It > > > stats that Verisign will by default NACK any registrar transfers: > > > > > > >From [EMAIL PROTECTED] Wed May 1 15:59:55 2002 > > > Subject: [NIC-020430.6996] Information about your account > > > > > > Dear Valued VeriSign(r) Customer: > > > > > > You know the value of being a VeriSign(r) customer. > > > We've put 6 million customers on the Web and are the > > > industry leader in domain name registration and digital > > > trust services, enabling everyone, everywhere to engage > > > in online commerce and communications with confidence. > > > > > > **************************************************** > > > Unsurpassed Quality and Service > > > > > > 24 HOUR CUSTOMER SUPPORT > > > FREE access 24 hours a day, 7 days a week. > > > Get help when you need it. Customer Support is available > > > by phone, e-mail, and through our Web site. > > > > > > ONLINE MANAGEMENT TOOLS > > > Manage all your services with our easy-to-use, Web-based > > > interface. Set up your Web site, add additional e-mail > > > boxes, modify your contact information...it's all in > > > one place. > > > > > > **************************************************** > > > > > > We take every effort to protect you against unauthorized or > > > fraudulent registrar changes. We've received a request to > > > Change the Registrar of your domain name XXXXXXXXXXXXXXXXXXXX.COM to > > > another registrar. You're a valued customer, and we want > > > you to remain with VeriSign. To keep your domain with > > > VeriSign, no action on your part is necessary. To > > > authorize a change of registrar, copy and paste the line > > > below into the subject line of your return email: > > > [NIC-020430.6996]:XXXXXXXXXXXXXXXXXXXX.COM:565308:TRANSFER=YES > > > If you don't respond within 96 hours from the time stamp of > > > this email, the request to Change Registrar will be denied. > > > The timestamp of this email and the time to respond are > > > based on Eastern Standard Time. If you have any > > > questions, please email us at: [EMAIL PROTECTED] > > > > > > At VeriSign, we've been building online identities since the > > > Internet was introduced. We will continue to put this > > > experience and reliability to work for you. Thank you for > > > being a VeriSign customer. > > > > > > > > > > > > (c) 2002 VeriSign, Inc. All rights reserved. > > > > > > Kind regards, > > > > > > Neil > > > > > > -- > > > Neil Anderson Saunders > > > edNET > > > t: +44 131 466 7003 (office) > > > d: +44 131 625 5560 (direct) > > > > > > > > > > > > -- > > > > > > This email and any files transmitted with it are confidential and intended > > > solely for the use of the individual or entity to whom they are addressed. > > > If you have received this email in error please notify the sender. Any > > > offers or quotation of service are subject to formal specification. > > > Errors and omissions excepted. Please note that any views or opinions > > > presented in this email are solely those of the author and do not > > > necessarily represent those of edNET or lightershade ltd. Finally, the > > > recipient should check this email and any attachments for the presence of > > > viruses. edNET and lightershade ltd accepts no liability for any damage > > > caused by any virus transmitted by this email. > > > > > > -- > > > -- > > > Virus scanned by edNET. > >
