On Sat, May 13, 2006 at 12:30:26PM -0700, Marc Perkel wrote: > Is there any kind of a fast database sumewhere (doesn't have to be live) > where whois data can be looked up fast? I want to be able to pipe a > bunch of domains (spammers) into something and return the owners. I'm > figuring out that this might be a very powerful way to ID spam.
WHOIS data doesn't often identify the actual owners of domains, particularly domains used for/in spam. Seeing which domains share the same nameservers can sometimes be instructive, although even then some spammers change their nameservers regularly to avoid detection. What you may find useful is translating the IP address to the AS number which can be done via DNS: http://www.cymru.com/BGP/asnlookup.html#dns $ dig +short -t txt 5.231.50.69.origin.asn.cymru.com "26904 | 69.50.224.0/20 | US | arin | 2003-06-05" $ dig +short -t txt AS26904.asn.cymru.com "26904 | US | arin | 2002-12-16 | NECTARTECH - NECTARTECH SERVICES" Cheers, Andy
signature.asc
Description: Digital signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
