DRoA - oh my, what a shower

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Greetings One and All

Given the audience in AWW I'm assuming we've all heard of DRoA and have  
heeded the warnings never to do business with this bunch of scamming  

ok - got a client that's been well stitched up by them.  Fortunately I  
have control of one of his domains and wouldn't release it without his  
say-so even if they came round and tickled my feet.

Anyway - there are three domains that DRoA sneaked away from $registrar.  
One each of ..
o .com
o .net
o .org

Successes do far ...
o Contact details for the owner sre now correct (whois)
o Contact details for admin/tech/billing are now correct (whois)

Not surprisingly, given what we know about them, the processes for  
changing name-servers and unlocking the domains both fail with a (probably  
bogus) "server busy" errors.

Q: Has anybody any practical experience of successfully wrestling a domain  
 from DRoA?  Clues welcome.  Ideally I'm looking for the 'blue touch paper'  
that will encourage them to drop these domains faster than you'd let go of  
a stinking pile of radio-active cow dung.  However if I must be set for a  
war of attrition then so be it.

Q: I can see no way to request the "Auth Code" for the .org domain on the  
site.  Any clues welcome.

Q: Client has offered to pay for my time/effort in this.  I've no idea  
what to charge or even where to pin the 'ball-park'.  Once again: your  
thoughts, comments & anecdotes are welcome.

Many thanks for reading.
William Tasso


Re: DRoA - oh my, what a shower

Quoted text here. Click to load it

I've got no help to offer. I've never dealt with them. But please document
what you do when this issue finally runs its course and post it here to
AWW. It will unoubtedly be helpful for others who run into the same

Karl Groves

Re: DRoA - oh my, what a shower

Fleeing from the madness of the  jungle
and said:

Quoted text here. Click to load it

ok - switching usenet to blog mode.

SUBJECT: Transferring a domain (or domains) away from Domain Registry of  
America (DRoA)

In the notes that follow I've not reported every blind alley and wrong  
turn in an effort to keep this as simple as possible.

Before we start, dear reader, please know you are not alone.  Many have  
been scammed by DRoA.  If you want to know why some folk think "DR0A are  
evil", take a look at their Terms & Conditions.  Your contact data becomes  
their property indefinately, your domain may become their property.  Still  
not sure?  ok, use your favourite search engine.

Information: DRoA are not an accredited domain registrar.  At the time of  
writing domains 'managed' by DRoA are held within a reseller account at  
eNom.  This may (or may not) become relevant later - we'll see.

Now, from this point on I'm gonna assume the reader "has a clue" wrt  
domain management.  If you (dear reader) are the hapless victim, please  
get someone to help you extract your domain(s).  If you're reading this as  
a result of a s/e query you are probably already quite desperate, just  
like my client.  Take it easy - we'll achieve nothing by getting  
stressed.  These guys (DRoA) will throw up every piece of flak and  
smoke-screen you can imagine to stop you transferring out and you really  
don't want to make any mistakes that could cost you time, money, or worse,  
your domain(s).

Information:  as part of the scamming process (when the domains are  
transferred in to DRoA) you will be sent login/account details.  Do not  
delete this email - DRoA will use characters that are ambiguous when  
printed - just a trivial attempt to slow you down.  You /will/ need this  
information.  If you are the victim please forward this mail to your  
helper/friend.  They will need it to help you.

If you're lucky, the name server associated with the domain will not be  
altered - otherwise they may be changed to *.name-services.com which  
appears to be a domain owned/managed by eNom.  This is bad news because  
your web site and mail will stop working.

If you're lucky the contact details will remain unscathed - don't bank on  
this.  It seems common practice to alter /all/ contact details including  
registrant to "Private Registration" and the contact mail address to  
"privacy@droa.com" - if you don't have the account/login details there is  
no way (I know of) to alter the contact details back to sensible values.

Fortunately it's not hard to correct the registrant and admin/tech/billing  
details.  The web interface is misleading and clunky but so long as you  
have your login data you will be able to perform this task.  Tread slowly  
and don't assume any defults are going to be helpful.

At this point sit back a brew a cuppa.  You have started the process of  
reclaiming your domains.  Chill a bit - we now want the whois contact  
details to propagate to wherever they have to propagate to before we do  
anything else.  Start by checking the whois at enom.com.

all the ducks in a row?  ok, now we can move on.

.org: for these domains you will need the "EPP Auth Code" - this info can  
only be supplied by the registrar and/or agent - the only way I have found  
to extract this info from DRoA is to request it over the telephone.  the  
web interface has no process for extracting this info and emails to  
privacay@droa.com and support@droa.com remain unanswered - however,  
telephone operators appear to play it straight, although they could be a  
lot more helpful, you must ask exactly the right question(s) - they will  
not guide you.

The phone number for DRoA is: +1 866 434 0212
hit #1 for customer services
hit #2 for tech support

doesn't seem to matter which you choose - they appear to go to the same  

The "EPP Auth Code" will be mailed to the contact email on the domain (not  
sure which one, I've set them all to the same value) - you must ensure the  
correct details are registered (whois) before requesting the code.

.com/.net: managing the registrar lock via the web interface will prove to  
be tiresome - no matter how many times you do the clickety-click the  
result is the same "server busy - please try later" - who are they trying  
to kid? This is a facility provided by eNom.  ok - we must assume this is  
another smoke-screen.  Ignore it and move on.

Call DRoA (details above), explain that you have tried to use the web  
interface to unlock your domain and it appears to be failing - act like a  
dumb user, report the 'error' message - there will be a pause before the  
operator comes back on the line saying "the servers are being  
maintained/upgraded - please try again in 2 hours".  Complete nonsense of  
course but in two hours you will be able to unlock your domain(s).  
Amazing eh?

ok - that's where I'm at to date.  The domains are unlocked, the transfer  
requests are in.  We'll see what happens now/next.

This article (when complete) will be available at http://williamtasso.com
William Tasso


Re: DRoA - oh my, what a shower

Fleeing from the madness of the Chaos jungle
and said:

Quoted text here. Click to load it


Remember I said "sit back a brew a cuppa" well, please let me amend that  
to "take a few days off".

The correct registrant/Admin contact details must be in place before any  
transfer will take effect.

ok, so your new registrar has put in the transfer request and you have  
responded to all the confirmation mails - now wait.

The .org came through fairly quick - just a few days.

The .net & .com took well over a week, nearer two.

All domains had important data changed during the transfer process (this  
may have been a hiccup at my registrar) so please do check that all the  
contact details are correct and amend quickly.  Oddly, the name server  
data was untouched - the cynic may suggest this is to avoid suspicion so  
you don't delve deeper.

right - I have the domains safely locked away at my registrar (so far as  
anything can be 'safe' in this world) so I now have a happy customer.

This article (when complete) will be available at my site (in sig).

/moving on ....

It's an ill wind etc.  As you can imagine there has been much chit-chat  
with the customer over the last few days concerning this issue.  
Conversation moved smoothly onto the subject of the site itself - result,  
new contract/new site :)

William Tasso

http://williamtasso.com /

Re: DRoA - oh my, what a shower

Quoted text here. Click to load it

DRoA is behind the largest wave of fake invoices designed to get people to
switch. They've been sending out documents for years that look like invoices
but aren't, that warn YOUR DOMAIN IS EXPIRING!!!!!

It's a huge scam.

Steve Sobol, Professional Geek ** Java/VB/VC/PHP/Perl ** Linux/*BSD/Windows
Apple Valley, California     PGP:0xE3AE35ED

It's all fun and games until someone starts a bonfire in the living room.

Re: DRoA - oh my, what a shower

Fleeing from the madness of the Glorb Internet Services,  
http://www.glorb.com jungle
and said:

Quoted text here. Click to load it

yes - thank you Steven,  Did I not make that outstandingly obvious?  This  
thread has been about the procedures/tactics necessary to extract a domain  
(from DRoA) on behalf of a client.

Been a long time since this short thread started, I probably made the  
assumption that all here (in aww) would know that those running DRoA are  
scumbags of the lowest order.  My mistake of omission and for that I  

William Tasso


Site Timeline