Until the end of January 2018, I'm running some tests to get a feel for how to deal with whois spam.

Email filtering

I've set the the email address with an This email address is being protected from spambots. You need JavaScript enabled to view it. extension and assigned it as the registered contact address for a number of domains. This sees a healthy stream of spam emails (as well as a couple of legitimate ones from ICANN and my hosting provider). I'll be experimenting with a few approaches over the next month

  • The overall approach is for each 'user' to have their own email address based on their username on the Domainbeard site. This inbox serves as a receptacle for all domain-related email, for whatever domain they have listed using this Domainbeard address. I am setting up automated processes that deal with each message based on several layers of criteria.
  • The approach is for selected messages to be copied into a database table after it has been appropriately filtered and verified, and for Domainbeard to make these records accessible to the user through an interface so that they can browse their messages. 
  • Setting autoresponders based on the source domain (namely public email providers such as gmail, which spammer love to use) that send an email back to the sender containing a captcha image and a message requesting the sender to reply back with the captcha code in the subject line. I'm still working on verification and actions from this response.
  • Trying to establish a database of known legitimate sources, and decide on how to deal with these. The idea would be for the user to receive an alert (by email to their usual email address, or by SMS) when a high priority message arrives, providing a link to the message in their Domainbeard account.
  • Keyword searching: I'll not be doing any filtering of emails based on keywords at the moment. I'd like to build up a good catalog is flagged emails from which i can draw insights about keywords and other content patterns (phrases, use of headlines, IP addresses, nature of hyperlinks, etc)

I'll be switching approaches and refining the workflow over the next month to see what works, and reporting back with any interesting findings, and with a summary of data at the end of January 2018.

Telephone filtering

I'll be setting up a VOIP phone number dedicated to this project which will work as so:

  1. Domains I have registered will have this phone number listed (probably an 0203 London number) along with an extension number specifically for this project experiment. Eventually, the idea would be for each user to be assigned their own extension number.
  2. People obtaining the number from the whois register (It won't be published anywhere else) will call the number.
    1. If the caller is calling without disclsing their caller ID information, they will be greeted with a message saying that calls from these souyrces are not accepted, and instructing them to call back with a valid number disclosed.
  3. A recorded message will welcome them to the Domainbeard messaging service, and ask them to enter the extension number into their keypad followed by hash/pound sign.
    1. If they enter an incorrect number, they will be given a recorded message telling them to try again
    2. If they enter no message, the initial welcome message will be read again after a pause
    3. If they enter in incorrect extension number three times, the system will discontinue the call
    4. If they enter a correct extension, they move to the voicemail stage
  4. The caller hears a recording saying that they can leave a short voicemail message
  5. The caller leaves a voicemail message and completes the call
  6. I am alerted by email to a new message and can listen to the attached audio file

I'll spend all of December listening to these messages and viewing the logs to see the sources and other patterns related to calls in order to derive further ideas about way to improve the process.

At this stage I have in mind:

  • A callback system, requiring that the caller enters their contact number (or confirms the one they are calling from) so that the system can call them back with a code. In much the same way as the captcha image in the email system, I'd like them to have to call back and enter that code into their keypad to confirm that they are contactable on the number they are calling from. This should be impractical for robocall or call centers, but reasonable for legitimate sources.
  • The automated blocking of phone numbers based on failed extension entry, call flooding or on the flagging of messages by users as spam or other nuisance.

I'm really excited to see how this side of things goes. I think it will reap great rewards in terms of interesting data received. This of course will be shared with you.

I'll keep you posted

I'll try to provide weekly updates about what development I've made and some info about the type of messages coming in.

 

Domainbeard is brought to you by Netamity Ltd registered in England & Wales (No. 10334496)- 5 The Triangle, Buck Lane, London, NW9 0AE, United Kingdom