I get spam all the time (what a surprise!) and once in a while I check the IP address to see where it comes from (i.e. .cn, .cz, .pl, etc.)
Today I was surprised as I found the output of dig to be:
promtp# dig -x 94.102.52.186
186.52.102.94.in-addr.arpa. 3600 IN PTR user186.mbenzforums.net.
and then the output of whois to be:
prompt# whois mbenzforums.net
No match for "MBENZFORUMS.NET".
How is that possible? Is it because the mbenzforums.net domain was attached to that IP and then did not get renewed, but still assigned to the IP?
I thought that such would very quickly disappear (within a day or so) and am not thinking that I'd catch that "just in time"...