NinerNet Communications™
Blog

Corporate Blog

WHOIS privacy for domain registrations

17 July 2018 12:58:23 +0000

We have offered so-called private registrations (“WHOIS privacy”) to clients for years, but it’s not a service we have gone out of our way to push. This is because the public record of your domain registration is (or was) an important factor in establishing the authenticity of your business, and hiding it is (in our opinion) counterproductive for that use.

However, one of the major effects of the GDPR on the Internet industry is that, for now at least, all of your contact information for your domain registrations is no longer available to the public. This is a welcome development, as far as keeping your email address out of the hands of the spammers and fraud artists who mined the WHOIS for email addresses is concerned

We do offer WHOIS privacy, and will continue to do so with our new registrar. However, our contract with the new registrar means that we can only offer it to non-commercial registrants. The use of WHOIS privacy by individuals is entirely prudent and sometimes necessary, but should not be necessary for businesses. Therefore, for that small percentage of our commercial clients who have been using WHOIS privacy up to this point, we will no longer charge you for it and it will be removed from your domain registration once your domain is transferred to the new registrar.

Per your domain registration agreement, all domain registration data for domains registered with us are still available to us, the registrar and (if necessary and armed with the required legal documents) law enforcement, so this change changes nothing in that regard. We’re just giving our business clients notice that WHOIS privacy will no longer be available to them, but the good news is that it’s no longer really necessary with access to the WHOIS being restricted by default now.

Something you might want to consider is changing the contact email address for your domain(s) if it receives a lot of spam. The fact that spammers can no longer harvest email addresses from the WHOIS will not stop them from spamming addresses they already have. However, if you set up a brand new address for the WHOIS and delete the old one after a short overlap period, your new address should receive far less spam.

If you have any questions or concerns, please let us know. Thank-you.

Quarterly kwacha rate review, Q3 2018

1 July 2018 02:21:08 +0000

Based on the current value of the Zambian kwacha in US dollars and recent trends, we are maintaining our retail kwacha prices until the next quarterly review.

Some sample rates:

  • webONE hosting plan (monthly): ZMW 157.50
  • mailONE hosting plan (monthly): ZMW 105.00
  • gTLD domain (annually): ZMW 199.50

Our kwacha rates are available on our website.

Mathematically speaking, by the slimmest of margins, we should be increasing our rates to the next level. If the trend continues then we will next quarter, but the trend is just as likely to stay the same or even reverse marginally, and so in the interests of stability we’re keeping our rates where they are.

Change of domain registrar

28 June 2018 06:39:22 +0000

Over the next year, starting today, we will be migrating all domain registrations under our management to a different domain registrar. For the most part these migrations will take place as the domains are renewed.

To be clear about NinerNet‘s position in the domain ecosystem, we are a reseller of domain registrations, reselling domains registered with domain name registrars, who in turn register domains from domain name registries. For the last seventeen years we have been a reseller for OpenSRS, a subsidiary of Tucows; going forward we will be a reseller for RRPproxy, a subsidiary of Key-Systems, a member of the KeyDrive Group.

Automated emails about your domains will continue to be sent from the same email address we’ve been using for years: domainsupport on the niner.net domain. You will notice a change in the format and language used in these emails. At least initially, links in those emails — such as those requesting you to validate your email address — will be on domains controlled by RRPproxy; however, we will work on using the niner.net domain at some point in the future, but we don’t have a timetable for that yet. The domain used in links in the email address validation emails that you may receive after your domain is transferred is currently emailverification.info.

Unless otherwise notified, you will continue to manage your domain registration through the interface at manage.niner.net. Within the next six months the interface at that address will change.

We are looking forward to an improved experience for all clients (except those using dot-zm domains, of course) as a result of this move. If you have any questions or concerns, please let us know. As always, if you are concerned about the legitimacy of an email you’ve received that pertains to your domain or hosting account with us, please forward it to us and we will advise you accordingly.

Thank-you for your business.


Update, 2018-06-29: Please note that, despite our best efforts, the transfer confirmation emails you will receive from our current registrar are sent from two different email addresses not on the niner.net domain: noreply@opensrs.email and transfers@opensrs.org. The inability of OpenSRS to consistently use our domain in messaging over the years (or even just one of their own domains) is a significant symptom of the problems that have led us to make this decision to move. Our apologies for the confusion.

Data privacy developments

22 May 2018 22:44:39 +0000

The purpose of this long blog post is to keep you informed of a significant development in the domain registration business, how it will affect you, what action you need to take and how to protect yourself from the criminals who will take advantage of the confusion that will no doubt be generated. We have also sent this via email to our clients.

The GDPR

In the last few months you may have heard rumblings about a new European law called the GDPR, the General Data Protection Regulation. This is a sweeping new law that will affect people in every corner of the globe, not just in the European Union (EU). It places a premium on the value of individual privacy, and restricts how the personal data provided by an individual may be used by companies and organisations. Fines for breach of the law can reach tens of millions of euros.

The GDPR is a good thing, and will address some glaring problems in our industry that we have referred to on a number of occasions, particularly the public WHOIS system where a domain registrant’s information is available for all the world to see, and is therefore used by scammers worldwide. However, even a good law is still a law and comes with an administrative burden for all parties.

On the hosting side of our business, not much (if anything) will change. We have always closely guarded the personal information of our clients — and that won’t change — and only collected what is technically and legally necessary to provide the services you contract from us.

Domain registrations

On the domain registration side of things, because of the fact that the domain registration system requires a number of entities to co-operate — registrant (you), registrar (currently OpenSRS/Tucows), reseller (NinerNet), registry (various, including Verisign, CIRA, ZICTA, etc.) and ICANN (the Internet Corporation for Assigned Names and Numbers) — you will start to see various transactional emails from us refer to the GDPR (which comes into force on 25 May 2018) and mechanisms for you to provide and, if necessary and possible, withdraw consent for use of your personal data. The need for you to fulfil your obligations as a domain registrant and respond to calls to action in emails will be in addition to actions you have needed to take until now. In short, it should mean a couple more emails per domain per year that you will need to pay attention to, but exactly how this manifests itself will develop over time, especially in the first year after this Regulation comes into force.

While it’s a reasonable question to ask why an EU law will apply to people and companies outside of the EU, the fact is that, worldwide, domain registries and registrars intend to comply with this Regulation and adopt a uniform system for managing it. Many jurisdictions have privacy laws, but the GDPR looks like it will be the most robust affecting the greatest number of people and the general feeling among proponents is two-fold: 1) Privacy is a good thing and we should follow the most stringent standards in favour of it, and 2) If we have to adjust policies and practices, then it makes no sense to have one set of policies and practices for some people and another for everyone else.

While this law affects all industries (and governmental organisations) in the EU and those (within and without the EU) that deal with European residents, the most visible effect in our industry will be on the public WHOIS (“who is”) system, where your personal information — name, address, phone number, email address, etc. — is currently published in public databases of domain registrants for everyone to see. These databases will continue to exist, of course, but access to them will be restricted, through layered access to a new “gated” WHOIS system, to legitimate accredited users that will include law enforcement organisations and intellectual property lawyers, as well as the registries, registrars and resellers directly involved in a particular domain registration.

Spammers, scammers and fraud artists

The one class of people that we certainly hope will no longer have access to this information is the fraud artists that fill your email every day — despite our best efforts — with offers to enlarge body parts, sell you web design and “search engine optimisation” services, scam you into sending them money for services they’ll never provide, and trick you into providing information to them that will lead to identity theft (phishing). With any luck, this new law will finally almost wipe out the spammers who harvest your email address from the WHOIS. It won’t stop those who get your unprotected email address off your website, or already have it or buy it from these unscrupulous individuals, but it should stop anyone else getting your email address if you change it in your existing domain registration.

But speaking of scams, as sure as night follows day (we’ve seen it before) these changes will no doubt lead to many scammers sending out emails urgently requiring you to take some action or another after clicking a link in their email. The text of the emails will use urgent language designed to scare you, but that they assume you will have heard in the news. They will refer to the GDPR and tell you that if you don’t go to a website and fill in a user name and password for your domain — and perhaps send them money too — your domain will be suspended and deleted.

DO NOT FALL FOR THIS! IT IS NOT TRUE!

As we have said over and over again for more than twenty years, if you receive an email about your domain or hosting from an email address that is not on the niner.net domain, then it is almost certainly a scam. If the email attempts to scare you into taking action immediately, then that only adds to the weight of evidence pointing to it being a scam. If you are concerned and not sure, we’re happy to advise you if you forward the email in question to us before taking any action.

Our new privacy policy

As with many Internet companies, the new GDPR has prompted us to revise our privacy policy. Our privacy policy — part editorial, part serious statement — is unlike any you have ever read. It provides some truth about the real problem with what the true purpose is of many (mostly larger) companies these days, and how we’re very different.

No action required at this time

Finally, no action is needed from you at this time. However, after 25 May you will start to receive email notices directing you to take GDPR-related actions, especially if you change anything to do with your domain, and possibly when you renew it.

If you have any questions, please let us know. Thank-you for your time.

Quarterly kwacha rate review, Q2 2018

1 April 2018 00:00:02 +0000

Based on the current value of the Zambian kwacha in US dollars and recent trends, we are maintaining our retail kwacha prices until the next quarterly review.

Some sample rates:

  • webONE hosting plan (monthly): ZMW 157.50
  • mailONE hosting plan (monthly): ZMW 105.00
  • gTLD domain (annually): ZMW 199.50

Our kwacha rates are available on our website.

Quarterly kwacha rate review, Q1 2018

1 January 2018 23:57:16 +0000

Based on the current value of the Zambian kwacha in US dollars and recent trends, we are maintaining our retail kwacha prices until the next quarterly review.

Some sample rates:

  • webONE hosting plan (monthly): ZMW 157.50
  • mailONE hosting plan (monthly): ZMW 105.00
  • gTLD domain (annually): ZMW 199.50

Our kwacha rates are available on our website.

Year-end wishes and business hours

22 December 2017 13:09:26 +0000

Please accept our thanks for your business in 2017, and our best wishes to you, those in your organisation and your families for a Happy Christmas, and all the best for a prosperous New Year.

Over Christmas and the New Year our administrative side will be taking a break from 23 December 2017, and will be back on the job on Tuesday 2 January 2018, at which time routine emails and enquiries will be dealt with. We will, of course, continue to monitor servers 24/7, and emergency support requests will be dealt with immediately.

Thanks very much again for your ongoing business. We look forward to continuing to serve you in 2018.

Quarterly kwacha rate review, Q4 2017

1 October 2017 22:19:06 +0000

Based on the current value of the Zambian kwacha in US dollars and recent trends, we are increasing our retail kwacha prices effective today and until the next quarterly review by about 5%.

Some sample rates:

  • webONE hosting plan (monthly): ZMW 157.50
  • mailONE hosting plan (monthly): ZMW 105.00
  • gTLD domain (annually): ZMW 199.50

Our new kwacha rates will be online within 24 hours.

Office hours

31 July 2017 20:26:33 +0000

NinerNet‘s offices will be closed from Tuesday 1 August and will re-open on Monday 7 August. Emergency support will continue to be available 24/7, but routine emails and enquiries will be dealt with on Monday 7 August. Thank-you.

Diet and weight loss spam

24 July 2017 07:06:34 +0000

This is a long post, but certain sections of it might be useful to you.

We have been hearing from some clients over the last few months that they are being inundated with spam advertising weight loss drugs, diet pills, etc. ad nauseam. NinerNet does have anti-spam measures on our mail servers — and they stop thousands of messages a day that you never see — but they generally rely on methods of filtering that do not involve what is called “content scanning” — i.e., having a machine essentially read all of your email to see if it mentions topics you don’t want to hear about. They also don’t generally involve blocking email addresses, as spammers almost always send from a different email address every time, so blocking one email address after the fact is pointless.

Additionally, what is a clear indicator of spam for one client can be part of a perfectly legitimate email for another client: for example, a medical client might send and receive completely legitimate emails that include the word “diet” or the phrase “weight loss”, and so we can’t filter for those words across the entire server. Even everyday communications can contain these words when one person enquires after another person’s health, even in a business email: “How’s the diet going?”; “Bob has experienced significant weight loss since he got sick last month”; and so on. In other words, if we deleted all messages containing the word “diet”, for example, we’d delete a lot of legitimate email and upset a lot of clients.

Then there are spelling mistakes: If we delete email containing the phrase “diet supplement”, we’ll miss the misspelling “diet suplemment”.

So what can you do? Potential solutions fall into two categories — prevention and cure — and we all know that an ounce of prevention is worth a pound of cure. We’ll deal with prevention first, but if it’s already too late for you, skip right to the (potential) cures at the end.

Prevention

  • Don’t put your email address(es) on websites: Spammers use the same techniques as the search engines to index (“scrape”) websites for email addresses. If you put an email address on a website — yours, or a forum that you’re involved in — it is going to be spammed. Instead use a contact form. These are not foolproof either, but they’re better than nothing and you can tweak them over time in response to their misuse.
  • Avoid using certain email addresses: Certain email addresses get more spam than others. These are called RFC 2142 addresses, and they include info@example.com, sales@, etc. These are common addresses that spammers will send email to in the hope that they go to a real person. Instead of info@, consider an alternative like contact@.
  • Avoid common first names: Yes, your name might be Jim and you want to use jim@example.com, but avoid it. If your surname is Smith, try jims@example.com, jsmith@example.com or even jimsmith@example.com instead. Consider adding punctuation — e.g., j.smith@example.com.
  • Domain registrations: Use a dedicated email address for your domain registrations. Over the years most domain registries have been part of the spam problem by publishing email addresses in their “WHOIS” databases, which are scraped the same way websites are. Instead of using your primary address as the public contact for your domain registration, use a secondary one. However, it must work and you should check it regularly — e.g., once a month or so. The registry that NinerNet uses does not publish the billing contact’s email address, making the email address for this contact less likely to receive spam. And while we do provide WHOIS privacy where all of the contact information for your domain registration is hidden, we don’t recommend this for businesses as looking up the WHOIS information for a domain is a legitimate method for your customers to verifying the legitimacy of your business.
  • Use throwaway addresses: If you need to give an email address out in situations where you’re concerned it might be abused by the person or organisation you’re giving it to, create a throwaway address for one-time use.
  • Don’t be part of the problem!: See “How and Why to Blind Copy Multiple-Recipient Emails“. Also, don’t send mass emails yourself to people you assume will be happy to receive them — e.g., customers who once did business with you six years ago!
  • Use an anti-virus scanner: Prevent your computer being taken over by criminals who want to mine it for data, not the least of which are the email addresses of your friends, family and business contacts.

Cure

In truth, there is no cure. If your email address is on a spammer’s list, it’s going to be sold and traded on. But no matter how well you do on the prevention side, someone else who has your email address on their computer is going to allow a virus in, and your email address will end up on a list.

However, on the particular topic of this blog post — weight loss spam — if no legitimate email coming into your account is going to refer to “diet pills” or “weight loss”, then you can set up a filter in your webmail account. Follow these instructions (illustrated at right):

  1. Log into your email account at mail.niner.net.

    Spam filtering

    Spam filtering.

  2. Click “Settings” in the top, right-hand corner.
  3. Click “Filters” in the left-hand column under the “Settings” heading.
  4. Click the plus sign at the bottom of the third column from the left under the “Filters” heading.
  5. In the “Filter name” box, give the filter a name like “Diet spam”.
  6. In the “For incoming mail” section you probably want to leave the default “matching any of the following rules” setting in place.
  7. In the first drop-down list, select “Body”.
  8. In the second drop-down list leave “contains” selected.
  9. In the blank field to the right, enter a word (single words are risky) or phrase that you think indicates spam. (Some suggestions culled from sample emails sent to us by clients are below.)
  10. To add more spammy words or phrases, click the plus sign to the right to add another “rule”.
  11. In the “…execute the following actions” section, we recommend you select “Move message to” in the first drop-down list, and “Junk” in the second drop-down list.
  12. At the bottom of the page click the “Save” button.

Now emails matching the filter you have created will automatically be filtered to your “junk” folder. We suggest that you check your junk folder regularly for a while after you create a rule to make sure it doesn’t catch any legitimate email.

Some spammy words and phrases from sample emails sent to us by clients:

  • diet aid
  • weight loss
  • fat
  • body
  • skinny
  • weight goals
  • diet supplement
  • weight reduction
  • excessive weight
  • boost your metabolism
  • beach body
  • live a better life
  • living a better life
  • dietary product
  • fight weight
  • big discount

Please note that you use these phrases and instructions for filtering your email at your own risk!

We hope this helps you fight some of the spam you’re receiving. If you have any questions, please contact support.

NinerNet home page

Subscriptions:

RSS icon. RSS

General Information:

This is the corporate blog of NinerNet Communications. It's where we post announcements, inform and educate our clients, and discuss issues related to the Internet (web and email) hosting business and all that that entails. This includes such concomitant industries and activities such a domain registration, SSL certificates, online back-up, virtual private servers (VPS), cloud hosting, etc. Please visit our main website for more information about us.

Search:

 

Recent Posts:

Archives:

Categories:

Tags:

accounts receivable apple billing branding cira client feedback contact information domain registration domain registry of canada domain renewals domains domain sales dot-ca domains dot-zm domains down time droc facebook google happy hosting customers hosting transfer icann internet registry of canada invoices iphone iroc kwacha maintenance new services paying your bill paying your invoice quarterly kwacha rate review rates registrant transfers registrar transfers reputation scams search engine optimisation search engine optimization security seo service hours support testimonials transparency verisign

Resources:

Couldn't connect: Access denied for user 'ninernet_x_site'@'localhost' (using password: YES)