Hi. A few days ago I initiated some domain registration transfers away from DH and have noticed 2 anomalies. TLD is .com in all cases.
(1) My first attempt was rejected by the gaining registrar with a message like “could not extract email address from whois info”. In order to get past this stage, I had to remove private registration at the DH end. Well, I know that in the distant past one almost always had to do this, but, so far as I recall, more recently things were better and one did not have to do this. Maybe I am mis-remembering, but I think that about 2 years ago one could transfer away from DH without removing private registration. Am I mis-remembering? Or has DH procedure changed for the worse in the last 2 years?
(2) It has been several days, and I have not received a domain-jacking protection email like I did last time. 2 years ago the email said,
We’ve received a request to transfer the domain registration for
[example.com] from DreamHost to another domain registrar.
You now have four calendar days to visit:
and approve or deny the transfer. If you do nothing, after four
days the transfer will be auto-denied as a precautionary measure
The Happy DreamHost Domain Registration Transfer Team[/quote]
I’ve checked spam folders, and also my support history in the panel, and no such message has arrived. Again, this could be the result of a change in DH procedures. The losing registrar is not actually obliged to send any such message (in which case the transfer should be auto-approved after 5 days). But if DH is no longer sending such messages, it seems like another change for the worse, since the old procedure had the effect of speeding up completion of the transfer, as well as providing valuable protection against domain-jacking.
The transfers which I did a couple of years ago were all completed within 24 hours, and in some cases within 1 hour; as I wrote at the time,
[quote]I noticed that dreamhost batched up sending out its authorization-link emails into two periods of the day … mostly between 1500 and 1600 PST but sometimes between 0600 and 0700 PST
After that batching-behaviour is taken into account, the transfer was always completed expeditiously.
In one case (which by chance I had initiated just before dreamhost’s batch-sending window) the entire transfer (from initial request to final confirmation at the new registrar) took 45 minutes.[/quote]
Also, the domain-jacking protection mentioned in the email is valuable since, without it, protection depends on just 2 things:
(a) the authorization code supplied by the registry via the losing registrar; the problem with this is that it is not (I think) time-limited (in the case of TLD .com) so that once it has been made known to a 3rd party (for example in the course of a failed transfer attempt) it could be re-used many years later in a domain-jacking attempt. If I’m wrong about it not being time-limited, please advise.
(b) an email sent to the email address listed in the whois info … this is a published email address and thus may be relatively easily compromised. The email which DH sends (or used to send) provides significant extra protection since it is sent to the account holder’s login email address which is likely to be (and should be) well protected.