Why am i geting spam on my new domain?
Have you ever registered a new domain and as if on track, you start receiving mails asking you to pay for SEO services, website design, app design, “Add your website to search engines in minutes”or even to renew your domain name when such service never exists?
Keep in mind that once you get such mails, the best practice is to ignore all these messages and never click on any link.
The question is, how do they do this? Like how do they know when a domain is registered?
There are a few ways to find newly registered domains:
- The domain’s owner information is public and easy to obtain through a WHOIS search. This information includes the name, address, phone number and email.
The WHOIS record for a given domain can be checked at pretty much any registrar but of course spammers will not check each domain manually. This can be automated with the WHOIS tool using the command line, or even with telnet.
There are actually various options for downloading the entire WHOIS database as well as daily updates to the WHOIS database. So they could have seen your new record in this manner from the WHOIS record (without knowing your domain) and obtained your email address from that.
- Anybody can see new domain registrations, at least in TLDr extensions like .com/.net/.org. This is public information and you could even compile this data for yourself using zone files. You can even apply for zone access direct from the registries.
Note that the rules vary from one extension to another. For instance most country code extensions (eg. .ca .fr etc) will not release their zone files or severely restrict access, but some however do publish lists of new or deleted domains on their websites.
- DNS resolvers (usually your ISP or someone else’s ISP) may also share resolving data. So if you ever “visit” a new domain you just purchased, your ISP will be aware of it instantly.
That’s only a few out of a lot of potential sources for finding newly registered domains.
So how can you prevent spamming after domain registration?
The solution is to purchase the Who is Privacy Service (also known as ID Protection) from your hosting and/or domain providers.
The cost that you pay for a domain privacy add on may not be when compared to the benefits you tend to reap from the privacy feature.
However, there are some privacy-conscious hosting providers like Usijali Hosting who offer this service at no cost to their customers.
This service is available with most TLDs and it will basically hide all your public details such as:
Your name
Your address
Your postcode
Your telephone number
Your email address
You will still have all the control on the information but the information will be hidden from the general public. Any requests to view your information will be passed on to you by your domain registrar and you will have the option to either reply or ignore the request.
Thus, domain privacy comes with many advantages like: protection of your personal data, no unwanted calls, protection of your email address, and prevention from domain hijacking.
Your second option is to Opt-out of WHOIS
One of the ways could be to opt-out of WHOIS. Individual users and non-commercial .uk domain name registrants are automatically opted out of WHOIS. But, this is not a universal solution. This can be largely used by individuals and non-commercial users only. Also, there can be chances that even after opting out of WHOIS, your information will still be available at other sites without you being aware.
SOME ADVISORY, HERE:
- Always use your factual information when buying a domain name and use the domain privacy option to avoid being spammed.
If you think that you can register through a disposable email address, then you really need to think again. Because, in case of any discrepancy, your domain can get locked and seized by the authorities.
- Follow your hosting provider’s rules and policies to protect your domain and immediately inform your hosting provider when you suspect any malware, spam or other malicious activities.
Thanks for reading!
2 comments