Expect registering a domain to get more expensive as registrars have to hire dozens more customer service staff.https://twitter.com/rafi0t/status/984398893696811008 …
I think I'm missing a lot of context. But it doesn't seem like your registrar's responsibility to tell you your website got owned and is serving malware or whatever.
-
-
(I work for the Luxembourgish CERT, here is more context) We receive notifications about compromised .lu website. Today, we get the contact point in the whois record, and send a mail (that process is automated). If whois isn't there, our closest contact point is the registrar.
-
Relatively often, it is possible to manually search a contact point on the website itself, but it is a lot harder to automate. Out approach will be to ask the company owning the IP for a takedown, instead of informing the owner of the domain. This part can be automated.
-
I see lots of potential solutions that don't involve any customer service work by registrar. Ideally whois would just eliminate PII and provide a forwarding email for the registrant. But in absence of that...
-
But from your side you can just mail well-known addresses @ the domain and the one published in the SOA. If these don't work, I don't have much sympathy for the customer who doesn't get informed about the compromise. They should ensure standard contact mechanisms work.
-
Guessing email addresses is an option, but then we need to check the bounces and so on. Now, we have an actual contact point the owner is actually using. No, we will contact the registrars, and the hosting company, we know those email addresses are valid and a human read them.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.