You have given your answer in forming your question, and AlphaCentauri has confirmed it.

The top level domains are listed at
http://en.wikipedia.org/wiki/List_of_Internet_top-level_domains

If the domain name ends in one of those, then the preceding word may be a enough, such as
example.tw

But if the preceding word is an organization, such as com, org, gov, govt etc then you will need both that and its preceding word, such as example.org.uk

You may still have to try things out to see what works. After all, com.com is a real domain.

<cnreg@dns.com.cn>
Permanent Failure: Other address status
Delivery last attempted at Mon, 19 May 2008 09:22:46 -0000

<huyan@dns.com.cn>
Permanent Failure: Other address status
Delivery last attempted at Mon, 19 May 2008 09:22:46 -0000

Final-Recipient: rfc822; <cnreg@dns.com.cn>
Action: failed
Status: 5.1.0 MAIL FROM: <my email address> 550 REPLY: 550_Does_not_like_recipient,your_mail_is_rejected!
Diagnostic-Code: smtp; Permanent Failure: Other address status
Last-Attempt-Date: Mon, 19 May 2008 09:22:46 -0000

Same for huyan@dns.com.cn

They're playing games with us. Most likely they've blacklisted either your whole address, or your complete domain from receiving mail from you.

I've been given similar responses from those addresses.

Previously, they would bounce back due to illegal/bad content (they wanted me to munge the spam evidence).


Then again, "Does_not_like_recipient" - could that indicate it doesn't like the huyan and huvan aliases? Either, because they don't exist any longer, mailbox is full, or some other reasoning?

But the "your_mail_is_rejected!" statement lead me to the first assumption - in which the mailbox received it, but then rejected it for whatever reasoning.

the rule to query for an A record with 2 part, and if A missing, retry with 3 part domain seem works.
But should be used only with ccTLD only and not with gTLD?

Example: with domain that do not have an A record neither using 2 or 3 part like:
hxxp://kva.hjwithin.com
to do the whois query I need to remove the kva. part

With 'dig +trace kva.hjwithin.com any'
I see the presence of a CNAME record. It is related to this?

Actually, if I paste kva.hjwithin.com into who.is, it looks up hjwithin.com, so it sort of does it for you.

Spammed domain = noomreplase.com
Registrar = DOOTALL, INC.
Contact = info [at] dootall.com, support [at] dootall.com

Spammed domain = omelograster.com
Registrar = ONLINE SAS
Contact = skolaric [at] online.net (same as Book My Name?)

From ESTdomains -- autoreplies from both the sales@ and support@ addresses:

I have reported through their (Est Domains) web interface for quite a while now. They usually act within one hour and remove the offending domain.

For eNom, the following URL could be added to the To: field, as a reminder obviously, to fill in the form:

http://www.enom.com/help/AbusePolicy.asp

I don't know how reliable the form is, but I'd think a web form is more reliable than e-mail (which usually has filters to jump through...).

I've been reporting all of my kaj52.com spam through this form.

One thing, the page appears to want "headers" - though I don't know, a complainterator "report" could probably substituted As we would do when using the old Joker support ticket system (what a sigh of relief...having not used that form in months now, Thanks Joker lol).

Spammed domain = kaj52.com
Registrar = ENOM, INC.
Contact = http://www.enom.com/help/AbusePolicy.asp

The submission form at eNom sends an email message to 'Report.Abuse[@]enom.com' - I know it because it bounces when it contains anything "spammy".

An address at eNom that does not bounce is 'legal[@]name-services.com'.

At the end, whatever addresses we notify at eNom, the result is the same: no action.

really...the "form submittal" bounces?

I've not seen that here yet....hehehe. I simply pasted in my e-mail address, spamvertised "eNom" domain, and then complete spam source, incl. headers.

I'll give it a day or two and see what happens hehehe.

I'm not holding my breath though lol.