Background: I have just transferred a domain name from NAMESCO to Andrews and Arnold. That completed today.
Possibly irrelevant: I received a couple of peculiar emails about confirming the details of the registration. The emails said they were from AA but the from: email address was peculiar, I followed the links in the email which took me to a page that said that my email address had been validated as the contact address for the domain.
Then this email arrives (below). It says it is from 123-reg, although they are nothing to do with this transfer. It has a url in it which I have not followed; unfortunately I don’t feel I can quote it because I don’t know what it will do. It would be interesting to see where it leads though. This is incredibly dodgy. Is this 123-reg trying to steal other registrar’s domains or is it just completely bogus?
Return-Path: <services@123-reg.co.uk>
Delivered-To: <my-email-address>
Received: from mail-director-a.mi.aa.net.uk ([fd00:53:2::25:b])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
by mail-dovecot-a2.m.tch.aa.net.uk with LMTPS
id WB4YMGiMMV+xOwAAgYX0Ag
(envelope-from <services@123-reg.co.uk>)
for <<my-email-address>>; Mon, 10 Aug 2020 19:05:28 +0100
Received: from mail-exim-b.mi.aa.net.uk ([fd00:53:2::25:b])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
by mail-director-a.mi.aa.net.uk with LMTPS
id wLDnLmiMMV+yfAAAmW28Kg
(envelope-from <services@123-reg.co.uk>)
for <<my-email-address>>; Mon, 10 Aug 2020 19:05:28 +0100
Delivery-date: Mon, 10 Aug 2020 19:05:28 +0100
Received: from mailgateway.meshdigital.com ([109.68.33.19])
by mail-exim-b.mi.aa.net.uk with esmtp (Exim 4.92)
(envelope-from <services@123-reg.co.uk>)
id 1k5CAb-0002My-10
for <my-email-address>; Mon, 10 Aug 2020 19:05:28 +0100
Received: from localhost (mesh-mailgateway.hi.local [127.0.0.1])
by mailgateway.meshdigital.com (Postfix) with ESMTP id F3D962605D6
for <<my-email-address>>; Mon, 10 Aug 2020 19:05:11 +0100 (BST)
Received: from mailgateway.meshdigital.com ([127.0.0.1])
by localhost (mailgateway.meshdigital.com [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id ZQxhghq2PUqk for <<my-email-address>>;
Mon, 10 Aug 2020 19:05:11 +0100 (BST)
Received: from MAILER.meshdigital.net (MAILER.meshdigital.net [192.168.1.25])
by mailgateway.meshdigital.com (Postfix) with ESMTP id DC3A526013D
for <<my-email-address>>; Mon, 10 Aug 2020 19:05:11 +0100 (BST)
Received: from MAILER.meshdigital.net (192.168.1.25) by MAILER.meshdigital.net
(192.168.1.25) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1913.5; Mon, 10 Aug
2020 19:05:11 +0100
Received: from MESH-DB-APP01 (192.168.1.6) by MAILER.meshdigital.net
(192.168.1.25) with Microsoft SMTP Server id 15.1.1913.5 via Frontend
Transport; Mon, 10 Aug 2020 19:05:11 +0100
MIME-Version: 1.0
From: 123Reg/Webfusion <services@123-reg.co.uk>
To: <<my-email-address>>
Date: Mon, 10 Aug 2020 19:05:11 +0100
Subject: Transfer Request for <my-domain-name>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Message-ID: <07e18004-4041-4178-9798-5afd9208aecc@MAILER.meshdigital.net>
Received-SPF: SoftFail (MAILER.meshdigital.net: domain of transitioning
services@123-reg.co.uk discourages use of 192.168.1.6 as permitted sender)
X-Message-Linecount: 53
X-Connected-IP: 109.68.33.19:55112
X-Body-Linecount: 25
X-Message-Size: 3175
X-Body-Size: 1633
X-Received-Count: 6
X-Recipient-Count: 1
X-Local-Recipient-Count: 1
X-Local-Recipient-Defer-Count: 0
X-Local-Recipient-Fail-Count: 0
X-Spam-Score: 0.8
X-Spam-Score-Int: 8
X-Spam-Bar: /
X-Spam-Report: Spam detection software, running on the system "mail-spamless-c.mi.aa.net.uk", has
processed this message and it scored (0.8 points).
pts rule name description
---- ---------------------- --------------------------------------------------
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.5000]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict
Alignment
0.0 RCVD_NOT_IN_IPREPDNS Sender not listed at
http://www.chaosreigns.com/iprep/
X-Spam-Mark-Threshold: 3
X-Spam-Reject-Threshold: 4
X-Spam-User: <my-email-address>
X-Spam-Flag: NO
X-Resolved-To: <my-email-address>
X-Delivered-To: <my-email-address>
X-Message-Age: 15
X-SpamSubject:
From: services@123-reg.co.uk
Attention: my-email-address
Re: Transfer of my-domain-name.com
123Reg/Webfusion has received a request from my-email-address on 10/08/2020 for us to become the new registrar of record.
Please read the following important information about transferring your domain name:
• You must agree to enter into a new Registration Agreement with us. You can review the full terms and conditions of the Agreement at http://www.domainterms.com/.
• Once you have entered into the Agreement, the transfer will take place within five (5) calendar days unless the current registrar of record denies the request.
• Once a transfer takes place, you will not be able to transfer to another registrar for 60 days, apart from a transfer back to the original registrar, in cases where both registrars so agree or where a decision in the dispute resolution process so directs.
Please go to our website, https://www.approvemove.com?k=<deleted>
If you have any questions about this process, please contact yoursupportrequest@123-reg.co.uk, http://www.123-reg.co.uk/domain-names/.
Kind Regards
123Reg/Webfusion