> Rate-limiting the WHOIS servers works really well. The reason your > address is "harvested" from the WHOIS database has very little, I > suspect, to do with folks actually combing the whois output, and have > everything to do with the bulk-availability requirements of the WHOIS > data that are mandated by the powers-that-be at ICANN. > > Implementing, on a whois server, a sensible rate-limiting structure, > can thwart those unfortunate ones who are crazy enough to query the > database, one at a time. > > If you want your WHOIS record data to not end up in spammers' hands, > you need to convince ICANN to get rid of the ability of a spamhaus to > pony up to the table with coin and demand a copy of the thing in full.
The first statement is spot-on - with the changes in the output, we've also gotten pretty aggressive with the rate-limiting and outright blocking over the last week. As far as the bulk-whois goes, I've not seen any indication that this is necessarily true. I would agree that the bulk-whois policies need to be tightened up though. -rwr
