Latest news of the domain name industry

Recent Posts

Report names and shames most-abused TLDs

Kevin Murphy, July 11, 2013, 14:01:35 (UTC), Domain Services

Newish gTLDs .tel and .xxx are among the most secure top-level domains, while .cn and .pw are the most risky.
That’s according to new gTLD services provider Architelos, which today published a report analyzing the prevalence of abuse in each TLD.
Assigning an “abuse per million domains” score to each TLD, the company found .tel the safest with 0 and .cn the riskiest, with a score of 30,406.
Recently relaunched .pw, which has had serious problems with spammers, came in just behind .cn, with a score of 30,151.
Generally, the results seem to confirm that the more tightly controlled the registration process and the more expensive the domain, the less likely it is to see abuse.
Norway’s .no and ICM Registry’s .xxx scored 17 and 27, for example.
Surprisingly, the free ccTLD for Tokelau, .tk, which is now the second-largest TLD in the world, had only 224 abusive domains per million under management, according to the report..
Today’s report ranked TLDs with over 100,000 names under management. Over 90% of the abusive domains used to calculate the scores were related to spam, rather than anything more nefarious.
The data was compiled from Architelos’ NameSentry service, which aggregates abusive URLs from numerous third-party sources and tallies up the number of times each TLD appears.
The methodology is very similar to the one DI PRO uses in TLD Health Check, but Architelos uses more data sources. NameSentry is also designed to automate the remediation workflow for registries.


If you find this post or this blog useful or interestjng, please support Domain Incite, the independent source of news, analysis and opinion for the domain name industry and ICANN community.

Tagged: , , , , , , ,

Comments (4)

  1. Hey Kevin,
    I don’t think the reports shows what you think it shows. Anyone can go register a name in .ch (for instance), but it’s on the “good” list. On the other hand in .cn they *really* check you out and it’s in the red zone, and .us, with policies brought to you by the NTIA, including a nexus requirement, is also in the red zone.
    There’s not enough data here to draw any conclusions, although it’s excellent for provoking useful questions. Notably missing is any information about price. Your average phriendly phisherman does not want to pay a lot for that throw-away domain, but is perfectly willing to provide fake “verifiable” id. As the registrars have been telling a (deaf) ICANN and GAC, it really is trivially easy to fake residency, or even get a “real” address somewhere through one of many services with brass-plate addresses — they’ll even forward your mail!
    So please please ban from your thinking any necessary correlation (let alone causation) between “tight registration policies” and “lack of abuse.” Price is important; enforcement of policies makes a difference; but checking someone’s address is truly pointless — easy to fake, raises prices, slows down registrations, pisses off registrants (the ones who are left), and there is no I know of that evidence it does anything to combat abuse.

    • Kevin Murphy says:

      I was looking at the top five “good” TLDs, and they all immediately popped out as ones that are quite hard to get or have quite strong restrictions on use.
      But you’re right, I didn’t try to do any structured analysis of whether restricted=safer and there may well be too many exceptions for that conclusion to stand scrutiny.

  2. Benny Samuelsen says:

    Well I see you mention .no and find it interesting that the count are by abuse per millions.. especially since .no are far way from such a volume 😉

  3. Mike Seaton says:

    Whilst that’s good news for .tel, you do need to look at what the report is measuring.
    To quote the article “Over 90% of the abusive domains used to calculate the scores were related to spam, rather than anything more nefarious.”
    Given that the vast majority of registered .tel domains do NOT use an email address of something@mydomain.tel – the setup process is not really for the inexperienced user which .tel mostly targets – then it is hardly surprisng that .tel has not got a spam email problem – and hence scores well !
    But a score of zero is good PR all the same !

Add Your Comment