A domain I bought 6 months ago ended up on a blocklist.
The .xyz registry got a bad rap early on for its domains being used for spam and other malfeasance. It was a by-product of its pricing model: scammers churn through a lot of domains, so they flock to the cheapest options out there.
Since then, the registry has done a lot to weed out bad actors. It has a robust system for automatically suspending domains that land on blocklists.
But…this can have ramifications for legitimate domain owners.
The other day I logged into my Namecheap account and saw this:
The message states, “Suspended by the Registry, please contact (XYZ support URL).”
I acquired this domain at the end of last year and pointed it to a for sale lander.
I had no idea my domain was suspended and wasn’t resolving. The registry can’t contact registrants directly, and Namecheap didn’t contact me to let me know my domain was suspended. That’s an issue.
I went to the support URL and submitted a ticket to get the suspension removed. Within two days, I had an explanation for which blocklist the domain was on, and the suspension was removed.
In response to a request for comment, Daniel Negari, CEO of XYZ, sent this statement:
…if a registrant wants to contest a suspension, the XYZ Anti-Abuse Team has a form that can be filled out at gen.xyz/unsuspend. The process is relatively painless if the registrant follows all of the steps.
XYZ’s contracts with registrars prohibit us from reaching out to the registrants directly, so the registrars are responsible for contacting the registrant. We require registrars to provide reasonable customer support to registrants. We cooperate closely with our partners to ensure that there are no false positives. Our Anti-Abuse process includes a daily notice to our registrar partners that lists new suspensions of any XYZ TLDs under their management, as well as their previous suspensions.
Receiving a suspension notice may be the first time a registrant realizes their servers have been compromised for abusive activity. In many cases the registrant is not aware that their domain has been hacked and is being used to actively harm others, including their own customers. When they connect with us to unsuspend, they are relieved to find our Team mitigated the damage while they were unaware.
XYZ monitors for abuse with our in-house system and we also have an abuse feedback system that allows anyone to report abuse 24/7 at gen.xyz/abuse. If you look at Spamhaus’s “The World’s Most Abused TLDs” report, .xyz is generally ranked the same and often lower in percent of badness than most legacy TLDs https://www.spamhaus.org/
There is a massive amount of abuse that occurs across the internet industry. Mitigation is very fragmented between individual company policies. ICANN’s requirements for a registry are simply that we monitor for abuse. However, XYZ is one of the most active registries against abuse. We do this because it is the right thing to do in two forms. One: good vs. evil. Where we have the policies to stop abuse, we will. Two: protect end users from cognitive bias. Our end users stand for being different, and different is not always easy. When your market share is less than 3 percent of the size of the establishment, you fight like hell to ensure you are doing everything you can to remove fear, uncertainty, and doubt to help pave the way for your end users’ success.
Organizations that have the means and the policies to take the abuse offline, like the XYZ Registry, gain no revenue in taking action, and yet we make efforts towards stopping it, because it is the right thing to do. It takes a village across the internet industries to continually work at stopping abuse online.
Leave a Comment