Am 24.09.21 um 17:50 schrieb Slavko via mailop: > > While i cannot comment mentioned OVH domain, i will ask, why anyone > have to know from WHOIS of my domain my name, or my address or anything > about me as private person? Yes, if someone has archive of WHOIS > response, it was there and i was not happy from that. Are you having > label with these info at top of face when you are walking on the street? > > That some companies are misusing GDPR to hide own identity? That > doesn't mean, that GDPR is bad, it only shows that some companies are > (at least) suspicious. While it still can be private domain...
In the context of e-mail and especially e-mail abuse, the central thing is trust. When SMTP servers communicate with each other, they implicitly trust each other to be responsible internet participants. I can't trust a server whose operator keeps his identity secret. In the early times of the internet it was easy to find who was the technical or administrative contact for a mail server and bring up issues such as delivery problems or unwanted mail from their users directly with them. Whois was an important part of enabling that. It also enabled mail admins to identify whether some mail server was operated by a spammer, and take appropriate measures to keep the spam out of their servers. Today this is absolutely impossible. On one hand, it is pretty time-consuming to find a real technical contact for example to tell them that their mail isn't being accepted due to incorrect SPF records or invalid reverse DNS settings. I still hunt down contacts once in a while, but less and less so because I don't seem to find postmaster colleagues who appreciate being informed about problems and at least send a quick "thanks" response. On the other hand, identifying spamming organizations takes a lot of sleuthing and is still inaccurate guesswork (to me at least). NameCheap, Cloudflare, Domaincontrol as registrars and the various hosting providers go out of their way to keep the names of their spamming customers secret. These spammers are not private persons who are under GDPR protection but commercial entities who don't care that they are violating my and my users' right to self-determined communications and mailboxes without loads of spam. It's not "some companies", it's hundreds, and they are registering thousands of domain names per month to keep people from identifying and blocking them. In Germany, it's against the law to operate a website (even if it's the homepage of a local rabbit breeders club, as only personal and family uses are exempt) without having an accurate impress listing the names of the responsible persons (natural person or legal entity), address, e-mail and phone contacts. I think this is way too broad, especially regarding the border between private and public websites, but I also think it is absolutely crazy that for senders of commercial advertisements via e-mail none of this is necessary, and they can hide behind lame GDPR excuses even though it is totally clear that they are acting commercially. Of course, german law does not and should not apply to the rest of the world, but I think most civilized societies have some notion of truthfulness in commerce, you need to at least be able to know who you're dealing with when someone tries to sell you something or to influence you in other ways. Cheers, Hans-Martin _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
