[anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

In message <b741c19f-bae6-ca67-945f-052c5dfaa1e2 at key-systems.net>, 
Volker Greimann <vgreimann at key-systems.net> wrote:

>Hi Robert,

The  nane is Ron, actually.

>in 99,9% of the cases, the customer we forward the complaint to is not 
>the spammer, but the service provider used by the spammer for their 
>domain registration services, e.g. the party who has the closer 
>relationship and can actually do something about the issue, such as 
>disabling their customers access to the service.

OK, two points:

1)  *YOU* can do something about the issue if you are the registrar of
record.  All of this crap designed to evade any and all -responsibility-
on your part is just that, crap.  You hide behind multiple layers of
"resellers" and try to tell the world that because you elect to do
business this way, your company is can dodge all responsiblity.

These lame excuses and attemps to evade personal or corporate responsibility
don't work in war crimes trials and if there were any justice in the world
they wouldn't work any better on the Internet.

2)  You have "resellers".  OK.  Fine.  So you forward *my* spam complaint
on to your reseller.  Then your reseller forwards it on to his pet spammer...
you know... the one that is providing 93% of that reseller's domain
registration revenue.  Now, please explain to me, slowly and carefully,
what it is that either compels or even motivates your reseller to take
action against the party that is putting bread on his table?  More to the
point, please tell me what prevents that reseller from ratting me out to
his pet spammer, so that his pet spammer can then DDoS "the troublemaker"?

Your entire industry, with all of its sellers and re-sellers and re-re-sellers
is all just one colossal layered ponzi scheme which is funded and fueled
more than 90% these days by snowshoe spammers.  You know it and I know it.
The only people who don't know it are the people who haven't taken the
time to study what is really going on.

There are, at last count, something like eighty seven thousand ICANN
Accredited domain name registrars, and 98% of them would be out of
business tomorrow if it were not for the snowshoe spammer trade, because
there is NO real money to be made just selling domain names, one or two
at a time, to butcher shops and dentist's offices.  You are just porcine
animals, feeding at the trough of a corrupt trade made possible by what
amounts to your over-arching industry lobbying organization, ICANN.

>Also, our treatment of WHOIS is not in violation of ICANN contracts, but 
>in compliance with it. Check out the Temporary Specification to the 
>agreements that ICANN put out.

I really don't give a rat's ass what self-serving fradulent justifications
ICANN has put out to try to excuse their own inaction *or* your non-compliance
with your contractual commitments.  The fact remains that GDPR *does not*
restrict domain registrars from displaying the Organization: fields in
WHOIS records, specifically when the named organizations represent things
other than natural persons... which is almost always the case... and yet
I can name right now any number of ICANN Accredited domain name registrars
that are, and that have been, for quite some time now, very deliberately
suppressing literally *all* WHOIS data fields, period.  How do you justify
that?  How does your corrupt industry justify that?

>We are working hard to bring back some model to provide access to 
>registration data to parties with a legitimate interests, but...

Screw that! This is just a clever smoke-screen, invented by your corrupt
industry to try to fool naive and stupid people into believing that
there is really some complex issue here when there isn't.  The Organization:
field of each and every domain name WHOIS records is quite clearly SUPPOSED
to contain the name of the non-natural-person to which the domain name is
registered.  So why do most domain name registrars suppress this data?
What is your excuse for that, when GDPR clearly does not apply?

I am *not* talking about your industry's lame attempts to limit access
to the data to only *your* hand-picked non-troublemaker "parties with a
legitimate interest".  These are just industry code words for "law
enforcement only" access.  This is what your industry wants, because
you all know good and goddamn well that law enforcement doesn't have the
time, the interest, the training, or the manpower to chase down mere
small-time hackers and spammers, so your industry-wide plan is to
proceeding according to these two phases:

    1)  Suppress *all* WHOIS information, even for entities not covered
        by GDPR, and then...

    2)  When people complaint that you are violating your clear contractual
        commitments to ICANN (which ICANN, which also profits handsomely
        from the snowshoe spammer trade, is conveniently doing nothing
        about) then your industry offers to "compromise" by allowing WHOIS
        access *only* to untrained, ineffective, and mostly uninterested
        law enforcement.

Actually, I must complement your whole industry for being so clever about
all of this.  You all set out, with a unity of purpose, to try to screw
Internet end users and to preserve your industry and its ability to make
fat profits from spammers and phishers, all while making sure that WHOIS
became entirely off-limits to the public at large, just so that none of
those nosey busybodies could call you out publicly for the fact that
you are all these days catering, mostly, to spammers and phishers .  And
your plan is so far working beautifully for you.  You are all working
together to screw and disappear the entire WHOIS system which has existed
since the very beginning of the Internet, all just so that you guys in
your industry can make fat profits without even the smallest smidgeon of
public accountability.

I hope that you are proud of what you and your industry have accomplished.
But I just have to ask:  Does your mother know what you do for a living?

I won't blame you if you tell me that you are too ashamed to tell her.


Regards,
rfg