Not every spammer can harvest all addresses daily ;o)
I have been doing this for years with domain whois. I am listed in over 1000 domains. My experience (without taking detailed measurements) is that a small trickle of spam comes within a few hours (which is why I know IP restrictions don't work). However, it does not build up to any significant amount for a couple months. I suspect the RIPE database is not as desirable as .com whois so i suspect changing the address every few months will be more than sufficient. However, anyone can do this on your own and you don't need RIPE to do it for you as long as you can set up e-mail forwarding. What should have been is that honeypot addresses should have been set up to measure the effectiveness of any anti-spam methods used. has this been done in the case of RIPE? How did RIPE come up with this new 1,000 queries per day limit? Did someone just pick a number or was it tested with data? Are there ongoing efforts to test the effectiveness of these and any other tools? The other problem I see is that the operation of the whois databases are part of the requirements to be an RIR. The RIR's all agreed in the MOU that policies relating to the requirements to be an RIR be submitted to the consensus process. It is supposed to go to the "Address Council" of the "Address Supporting Organization (ASO)." Instead we have RIR's skipping the consensus process and establishing their own local policies. Thank You