[Canada]

Yeah, for this reason I have the habit of using dig to check if the zone exists rather than touching any registrar infrastructure for search

I think it’s less of a problem now though. All of the valuable namespace is either in use or squatted already.

[indigodaddy]

Wouldn't whois from the command line also be sufficient to avoid potential malfeasance?

[Canada]

Yeah, but I find dig faster since all the whois servers decided they needed to also return 10 pages of legal bullshit, and easier to check a bunch of possible domains in a loop. Whois is probably more up to date as zone updates are batched so it's possible something returns NXDOMAIN but has actually been registered.

[indigodaddy]

How are you constructing your dig? Is a null dig result always an indication of an unregistered domain?

[Canada]

Usually something like this:

cat /tmp/wants.txt | while read d; do echo -n $d:; dig $d in ns | grep '>>HEADER<<' | awk '{print $6}'; done

You get NXDOMAIN if it doesn't exist. That doesn't necessarily mean you can register it though. Maybe it's expired but in the grace period, or some other kind of exits-but-disabled state. If it does exist it might be for sale. Anyway, for quickly checking what's probably unregistered from the shell this one liner works great. A whois query usually takes about a second. Dig takes about a tenth of a second, and DNS queries aren't rate limited like WHOIS.

[ryanlol]

dig from the command line seems like an excellent way to get caught by passivedns

[Canada]

Who cares? It's not like an invalid lookup is raising a big flag that I intend to register this domain so come on over and scalp it. Besides, there is ultimately no way to make these lookups other than plaintext.

[ryanlol]

Presumably the same people who worry about their registrars scalping them should also worry about the vast amounts of people with passivedns access scalping them.

You can make these queries via a trusted registrar, and the domains you query won’t be broadcast to the world in cleartext.