The new gtld .tel was recently released for registration by individuals. Telnic provides a limited one page template for all registered domains, which typically include email addresses in plain text (not obfuscated), thus with a list of registered domains, harvesting the information would be fairly straightforward. Although the zone file is fairly easy to obtain, it has some restrictions and limitations. Telnic could insert a fake record that acts as a trap if a http request is made for that domain, thus this post will look at alternative ways of obtaining a list of domains. First of all, as a large number of registrations are by individuals, we could try a combination of common first and second names. I took the first 300 male, female and common surnames and fed them into a script that output a list of registered .tel with their corresponding IP address. It turns out that around two thirds of these domains were registered at the time I ran the script, and they all had the same IP address: 22.214.171.124. A Live Search query for this IP address yields a longer list of 2,270 domains. Additionally our friends at www.domaintools.com provide a reverse ip lookup facility which returns 2,795 which can be accessed as part of the free trial. In simple terms, harvesting is easy, but there are also a few other problems with .Tel which permit personalised spam that can include the victims address and phone number. It is also possible to use the location and address attribute to identify regional banks, which is of particular concern with phishing, although this is already possible with whois before privacy options were introduced. Is there any use for .Tel, other than an elite email address harvesting platform for spamers?