Saturday, February 23, 2008

.NZ Whois service deliberately broken

For some time the .nz whois service has been unreliable and for the last week or so I can use whois in the mornings before going to work but if I try to use it in the evenings I almost always get a "query_status: 440 Request Denied" response. I get this from the very first request.

I couldn't understand why this is happening as I haven't been using it excessively and don't believe I've broken any of the other rules so I queried the NZ domain registry. Their reply was that there is a global limit on the total number of whois queries that can be made from all sources each hour, once that limit is exceeded the whois daemon will reply "440 Request Denied" to all queries from all sources. This is based on the rolling hour before the query and not a clock hour.

They also sent me a text file which explains their policy. I've reproduced part of the file below
NZRS operates and manages the Whois server as per the requirements specified in the WHOIS policy. A brief summary of the policy and management of the whois server follows. Full details of the policy can be found on the DNC website at

Monitoring procedures (rate limiting) are maintained on the whois server to detect any inappropriate use of the server. These procedures are designed to detect and prevent a wide range of inappropriate use and as a matter of policy are not published, in order to maintain their effectiveness.
NZRS has primary responsibility for monitoring the use of the whois service. In the event that NZRS discovers or suspects abuse of the service, they may take appropriate steps to restrict access to the service including (but not limited to) removing or limiting access to any IP address.
If there is a sudden increase in requests that exceed normal patterns of behaviour from multiple IP addresses and multiple locations and the integrity of the .nz register is at risk, NZRS may suspend the whois service without notice. NZRS will investigate the behaviour and restore normal service as soon as possible

Given the very common tendency for the whois service to be unusable in the evenings it seems pretty obvious that their global limit is set too low. It also seems that they are imposing a fairly low fixed rate limiting as a cheap substitute for their stated "If there is a sudden increase in requests that exceed normal patterns of behaviour from multiple IP addresses and multiple locations". In effect changing a reasonable safeguard into an unreasonable suspension of expected service levels.

This is stopping me finding out if an expiring domain I'm interested in is currently owned by a notorious cybersquatter (thus suggesting extra work is needed) or by someone who wouldn't be letting it drop if it was worth having, and so affecting my doing due diligence on purchases.
In addition it is is going to have a detrimental effect on potential customers wanting to use whois to find the current owner of domains that are either not delegated or delegated to a page that doesn't offer a contact page so they can offer to buy the domain.

This means that even if for some reason you can't use paid parking on your .NZ domains, you need to have it either pointing to a parking page of your own devising that facilitates contact or use a service such as Hot Domains that supports direct email contact from potential purchasers.

1 comment:

Guru said...

Hi there ...

I don't agree with this - I came across this post after whois commands for .nz domains started returning 440 Request Denied responses, however using appears to work fine.

I guess I could have been banned for (over?)use of whois from my local IP, but I would have only performed 20 lookups in the last 10 minutes, certainly not excessive from my POV.


- Bob -