[conspire] Public Interest Registry uses rate-limited whois on .org: Grrr!

[Rick Moen]

Quoting Ryan Russell (ryan at thievco.com):

> It's most likely intended to limit email address harvesting rather than
> a concern over denial of service.

Yeah, good point.  Thanks.  (They rate-limit queries at the Web
interface in a similar fashion, with a less severe limit.)

The address-harvesting bots, to be economically viable, have to 
pull in a _lot_ of addresses during their runs.  So, somewhat smarter
than a per-IP limit of four queries per minute might be a per-IP cap on 
total number of queries within a single day or half-day, regardless of
rate.  E.g., cut off an IP for a day or two whenever it reaches a
thousand queries within a twelve-hour period, or such -- which would
ruin the address-harvesters' strategy without interfering so much with 
legitimate scripted queries.  But that would be more difficult to code,
and I'm guessing they went for the quick and easy limit.